SSH from ios prompt

Unanswered Question
May 8th, 2008

With telnet, you can get to another device by simply entering the destination IP address without prefixing with the command "telnet". As we are in the process of disabling telnet and replacing with SSHv2, is there any way of allowing ssh connections the same form of shortcut without having to prefix the IP address with the command "ssh"? Thanks in advance

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2.5 (2 ratings)
Loading.
Richard Burts Thu, 05/08/2008 - 08:07

Don

It is logical to hope that if you disable telnet and SSH becomes your default outbound protocol that you might be able to use the same shortcut and just enter the destination name or address to connect by SSH. But it does not seem to work that way.

I did a test to confirm that it will not just connect with SSH. I disabled telnet output and allowed only SSH output. I then entered the address of a router that is reachable and pressed enter. I received an error message indicating "unknown command or computer name". I then enabled telnet as an output transport and then entering just the destination address did connect me to the other router.

One refinement to the post by Jason. If you have authenticated to a router (connect remotely via SSH or authenticate through console connection) and want to SSH to some router using the same user name then you only need to ssh (do not need -l ).

HTH

Rick

donlerche Fri, 05/09/2008 - 01:31

Rick,

Thanks for confirming what I found in testing. I did also note like yourself, that if you have already authenticated onto a box (in my case I was using TACACS+) then entering "ssh 192.168.1.1" for example would go straight to the password prompt on the target device 192.168.1.1, and your username has already been sent across. So guess what you lose by having to type "ssh" you gain in not having to enter your username!

Thanks

Don

donlerche Fri, 05/09/2008 - 01:24

Jason,

thanks for the reply. Rick in a later post has confirmed what I found in that it does not appear possible to simply put an IP address at the IOS prompt when jumping from one box to another when SSH is the only transport, like you can when telnet is enabled. I also found, like Rick that if you have already authenticated onto a box (in my case I was using TACACS+) then entering "ssh 192.168.1.1" for example would go straight to the password prompt on the target device 192.168.1.1, and your username has already been sent across.

Thanks

Don

Actions

This Discussion