cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1544
Views
5
Helpful
3
Replies

SSH router to router

jkeeffe
Level 2
Level 2

I have the line ports on a couple of routers to allow for SSH only access which works just fine when I SSH from a PC. The routers have a crypto key generated and ACS is the tacacs server for authentication. The routers also have a local username/password for when the ACS is not available.

However once I'm SSH'd into one of the routers I'd like to be able to SSH from that router to another router.

What do I need to do to be able to do that?

Here is the config I have right now:

username xxxxxx password 7 xxxxxxxxx

aaa new-model

aaa authentication login default group tacacs+ local

aaa authentication login vty line

aaa authentication login console line

aaa authentication enable default group tacacs+ enable

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

ip ssh time-out 60

ip ssh authentication-retries 2

ip ssh version 2

line vty 0 4

password xxx

transport input ssh

line vty 5 15

password xxx

transport input ssh

1 Accepted Solution

Accepted Solutions

Richard Burts
Hall of Fame
Hall of Fame

Jim

I am not sure that you need to do anything else. It may depend on the version of code but the IOS that I am running supports both SSH server (SSH to the router) and SSH client (SSH from the router to somewhere else).

lab_1841>ssh 10.26.0.1

Password:

router>

HTH

Rick

HTH

Rick

View solution in original post

3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

Jim

I am not sure that you need to do anything else. It may depend on the version of code but the IOS that I am running supports both SSH server (SSH to the router) and SSH client (SSH from the router to somewhere else).

lab_1841>ssh 10.26.0.1

Password:

router>

HTH

Rick

HTH

Rick

How simple is that! I tested it and it worked great. For some reason I was trying 'telnet xxx.xxx.xxx.xxx 22' instead of actually using the ssh command.

Thanks!

Jim

I love it when things are simple and they "just work".

Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read about a question and can know that they will read responses that successfully resolved the question. I encourage you to continue your participation in the forum.

HTH

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco