Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Only SSH and NO Telnet

All,

I have been using telnet for a while now to access my routers now that my routers are configured to use SSH 2 our security group wants us to nix the telnet access all together. As simple as it may be I never have done it. Can anyone instruct me on how to totally turn off telnet on a router. Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Only SSH and NO Telnet

line vty 0 4

transport input ssh

If its a Catalyst then there are 16 vty lines by default so:

line vty 0 15

transport input ssh

HTH

Andy

4 REPLIES

Re: Only SSH and NO Telnet

line vty 0 4

transport input ssh

If its a Catalyst then there are 16 vty lines by default so:

line vty 0 15

transport input ssh

HTH

Andy

New Member

Re: Only SSH and NO Telnet

Hi, have just done this using the following commands on the vty's:-

line vty 0 15

transport input ssh

transport output ssh

This should remove the ability to both telnet to and from the device. It appears the default is "transport input telnet" and "transport output telnet" but this doesn't show in the config. If you want BOTH telnet & ssh, then use "transport input telnet ssh" and "transport output telnet ssh"

Regards

Don

Bronze

Re: Only SSH and NO Telnet

Ensure that you have the transport output ssh command in there, otherwise if you try to ssh from one device to another it's not going to work.

Hall of Fame Super Silver

Re: Only SSH and NO Telnet

Thomas

While configuring transport output ssh might be a good idea it is certainly not required. SSH as an output transport is enabled by default. I frequently SSH from one router to another and the router from which I initiate the SSH does not have transport output ssh configured.

But as Don pointed out, if you want to disable outbound telnet then you do need to configure transport output ssh.

That configuration is required to disable telnet, it is not required to enable ssh.

HTH

Rick

319
Views
0
Helpful
4
Replies