05-08-2008 07:15 AM - last edited on 03-26-2019 10:34 AM by ciscomoderator
With telnet, you can get to another device by simply entering the destination IP address without prefixing with the command "telnet". As we are in the process of disabling telnet and replacing with SSHv2, is there any way of allowing ssh connections the same form of shortcut without having to prefix the IP address with the command "ssh"? Thanks in advance
05-08-2008 07:27 AM
ssh -l
this is the only way I know of.
05-08-2008 08:07 AM
Don
It is logical to hope that if you disable telnet and SSH becomes your default outbound protocol that you might be able to use the same shortcut and just enter the destination name or address to connect by SSH. But it does not seem to work that way.
I did a test to confirm that it will not just connect with SSH. I disabled telnet output and allowed only SSH output. I then entered the address of a router that is reachable and pressed enter. I received an error message indicating "unknown command or computer name". I then enabled telnet as an output transport and then entering just the destination address did connect me to the other router.
One refinement to the post by Jason. If you have authenticated to a router (connect remotely via SSH or authenticate through console connection) and want to SSH to some router using the same user name then you only need to ssh
HTH
Rick
05-09-2008 01:31 AM
Rick,
Thanks for confirming what I found in testing. I did also note like yourself, that if you have already authenticated onto a box (in my case I was using TACACS+) then entering "ssh 192.168.1.1" for example would go straight to the password prompt on the target device 192.168.1.1, and your username has already been sent across. So guess what you lose by having to type "ssh" you gain in not having to enter your username!
Thanks
Don
05-09-2008 01:24 AM
Jason,
thanks for the reply. Rick in a later post has confirmed what I found in that it does not appear possible to simply put an IP address at the IOS prompt when jumping from one box to another when SSH is the only transport, like you can when telnet is enabled. I also found, like Rick that if you have already authenticated onto a box (in my case I was using TACACS+) then entering "ssh 192.168.1.1" for example would go straight to the password prompt on the target device 192.168.1.1, and your username has already been sent across.
Thanks
Don
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: