Solved: Only SSH and NO Telnet

mrashby · ‎04-22-2008

All,

I have been using telnet for a while now to access my routers now that my routers are configured to use SSH 2 our security group wants us to nix the telnet access all together. As simple as it may be I never have done it. Can anyone instruct me on how to totally turn off telnet on a router. Thanks.

andrew.butterworth · ‎04-22-2008

line vty 0 4

transport input ssh

If its a Catalyst then there are 16 vty lines by default so:

line vty 0 15

transport input ssh

HTH

Andy

View solution in original post

andrew.butterworth · ‎04-22-2008

line vty 0 4

transport input ssh

If its a Catalyst then there are 16 vty lines by default so:

line vty 0 15

transport input ssh

HTH

Andy

donlerche · ‎05-08-2008

Hi, have just done this using the following commands on the vty's:-

line vty 0 15

transport input ssh

transport output ssh

This should remove the ability to both telnet to and from the device. It appears the default is "transport input telnet" and "transport output telnet" but this doesn't show in the config. If you want BOTH telnet & ssh, then use "transport input telnet ssh" and "transport output telnet ssh"

Regards

Don

tj.mitchell · ‎05-08-2008

Ensure that you have the transport output ssh command in there, otherwise if you try to ssh from one device to another it's not going to work.

Richard Burts · ‎05-08-2008

Thomas

While configuring transport output ssh might be a good idea it is certainly not required. SSH as an output transport is enabled by default. I frequently SSH from one router to another and the router from which I initiate the SSH does not have transport output ssh configured.

But as Don pointed out, if you want to disable outbound telnet then you do need to configure transport output ssh.

That configuration is required to disable telnet, it is not required to enable ssh.

HTH

Rick

HTH

Rick