04-22-2008 06:45 AM - edited 03-05-2019 10:32 PM
All,
I have been using telnet for a while now to access my routers now that my routers are configured to use SSH 2 our security group wants us to nix the telnet access all together. As simple as it may be I never have done it. Can anyone instruct me on how to totally turn off telnet on a router. Thanks.
Solved! Go to Solution.
04-22-2008 06:48 AM
line vty 0 4
transport input ssh
If its a Catalyst then there are 16 vty lines by default so:
line vty 0 15
transport input ssh
HTH
Andy
04-22-2008 06:48 AM
line vty 0 4
transport input ssh
If its a Catalyst then there are 16 vty lines by default so:
line vty 0 15
transport input ssh
HTH
Andy
05-08-2008 06:57 AM
Hi, have just done this using the following commands on the vty's:-
line vty 0 15
transport input ssh
transport output ssh
This should remove the ability to both telnet to and from the device. It appears the default is "transport input telnet" and "transport output telnet" but this doesn't show in the config. If you want BOTH telnet & ssh, then use "transport input telnet ssh" and "transport output telnet ssh"
Regards
Don
05-08-2008 08:18 AM
Ensure that you have the transport output ssh command in there, otherwise if you try to ssh from one device to another it's not going to work.
05-08-2008 08:29 AM
Thomas
While configuring transport output ssh might be a good idea it is certainly not required. SSH as an output transport is enabled by default. I frequently SSH from one router to another and the router from which I initiate the SSH does not have transport output ssh configured.
But as Don pointed out, if you want to disable outbound telnet then you do need to configure transport output ssh.
That configuration is required to disable telnet, it is not required to enable ssh.
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: