Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

2960G SSH ISSUE

Hello,

I just purchased 3 2960Gs and I am wondering I grabbed the latest IOS I could find but SSH is not working. The list of available IOS has w/o crypto and lanbase. I grabbed the right one no? I mean w/o means without right??

Sh version

Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(50)SE3, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2009 by Cisco Systems, Inc.

Compiled Wed 22-Jul-09 07:03 by prod_rel_team

Image text-base: 0x00003000, data-base: 0x01200000

ROM: Bootstrap program is C2960 boot loader

BOOTLDR: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)

cab2sw2-2fl-2960g uptime is 41 minutes

System returned to ROM by power-on

System image file is "flash:/c2960-lanbase-mz.122-50.SE3.bin"

cisco WS-C2960G-48TC-L (PowerPC405) processor (revision E0) with 65536K bytes of memory.

Processor board ID FOC1315Z3CH

Last reset from power-on

1 Virtual Ethernet interface

48 Gigabit Ethernet interfaces

The password-recovery mechanism is enabled.

64K bytes of flash-simulated non-volatile configuration memory.

Base ethernet MAC Address : 00:24:F7:AB:CA:80

Motherboard assembly number : 73-10300-08

Power supply part number : 341-0098-02

Motherboard serial number : FOC13153A4M

Power supply serial number : DCA1314926D

Model revision number : E0

Motherboard revision number : A0

Model number : WS-C2960G-48TC-L

System serial number : FOC1315Z3CH

Top Assembly Part Number : 800-27071-03

Top Assembly Revision Number : A0

Version ID : V03

CLEI Code Number : COM4A10BRC

Hardware Board Revision Number : 0x01

Switch Ports Model SW Version SW Image

------ ----- ----- ---------- ----------

* 1 48 WS-C2960G-48TC-L 12.2(50)SE3 C2960-LANBASE-M

2 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Bronze

Re: 2960G SSH ISSUE

You need this image c2960-lanbasek9-mz.122-50.SE3.bin

Re: 2960G SSH ISSUE

c2960-lanbasek9-mz.122-50.SE3.bin has a k9 as i mentionned earlier. make sure your image filename has a k9 if you want SSH feature.

13 REPLIES

Re: 2960G SSH ISSUE

You grabbed an image that does NOT have crypto. You need a crypto image for SSH to work.

w/o means without.

The image filename, when it's crypto will have a k9 in it.

Hall of Fame Super Bronze

Re: 2960G SSH ISSUE

You need this image c2960-lanbasek9-mz.122-50.SE3.bin

New Member

Re: 2960G SSH ISSUE

OK I got the w/o image but I didnt get the k9 one.

Many thanks

Re: 2960G SSH ISSUE

c2960-lanbasek9-mz.122-50.SE3.bin has a k9 as i mentionned earlier. make sure your image filename has a k9 if you want SSH feature.

New Member

Re: 2960G SSH ISSUE

Hi again. I have the version for ssh installed on the switch but when I get into the line interfaces to try and say only ssh for connecting I dont have that choice:

transport ?

output Define which protocols to use for outgoing connections

preferred Specify the preferred protocol to use

I should see the input option there right wich I would follow by ssh.

What is up?

Here is my sh version just to be sure:

cab2sw2-2fl-2960g#sh ver

Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(50)SE3, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2009 by Cisco Systems, Inc.

Compiled Wed 22-Jul-09 07:03 by prod_rel_team

Image text-base: 0x00003000, data-base: 0x01400000

ROM: Bootstrap program is C2960 boot loader

BOOTLDR: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)

cab2sw2-2fl-2960g uptime is 14 minutes

System returned to ROM by power-on

System image file is "flash:/c2960-lanbasek9-mz.122-50.SE3.bin"

Hall of Fame Super Bronze

Re: 2960G SSH ISSUE

That's very odd.

I found a 2960 with an older image around here and it has the 'transport input' available. This image is not even a SSH image.

(config-line)#transport ?

input Define which protocols to use when connecting to the terminal

server

output Define which protocols to use for outgoing connections

preferred Specify the preferred protocol to use

sh ver | i IOS

Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(25)SEE2, RELEASE SOFTWARE (fc1)

I wonder if 12.2(50)SE3 is introducing this behavior. Can you try 12.2(44)SE6 with K9 support?

__

Edison.

New Member

Re: 2960G SSH ISSUE

Hi Edison,

Thanks for your post. Here is the output you asked for:

cab2sw2-2fl-2960g#sh ver | i IOS

Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(50)SE3, REL EASE SOFTWARE (fc1)

It sure is odd.

Re: 2960G SSH ISSUE

c2960-lanbasek9-mz.122-25.SEE2.bin

I just tested this image and it works.

Have you configured a domain-name?

Have you created the crypto key?

cry key gen rsa gen mod 1024

You need the both of above in your config first.

New Member

Re: 2960G SSH ISSUE

Yes I created the keys:

cab2sw2-2fl-2960g#sh ip ssh

SSH Enabled - version 1.5

Authentication timeout: 120 secs; Authentication retries: 3

This is getting really wierd now....

And yes the domain name and host name were configured

Purple

Re: 2960G SSH ISSUE

Can't say I have ever seen that if the image is a K9 image thats loaded on any switch . So it doesn't take the transport inpuit command if you do the following?

conf t

line vty 0 15

transport input ssh

New Member

Re: 2960G SSH ISSUE

I got it!!

This what I did:

Recreated the keys and forced the use of version 2 and that did it ....

By default using a 1024 bit key size had me using version 1.99 of ssh

In global config mode I issued a

ip ssh version 2

command and that did it.

I now have the ability to do

transport input ssh

on my vty lines ...

Hurray!!!

Purple

Re: 2960G SSH ISSUE

sounds like a bug , have never had an issue using a 1024 bit key and the transport command.

Hall of Fame Super Bronze

Re: 2960G SSH ISSUE

Weird.

Transport input command was available on non-k9 images without any hostname and ssh enabled.

__

Edison.

1961
Views
0
Helpful
13
Replies