08-22-2007 07:30 AM - edited 03-05-2019 06:02 PM
I have the line ports on a couple of routers to allow for SSH only access which works just fine when I SSH from a PC. The routers have a crypto key generated and ACS is the tacacs server for authentication. The routers also have a local username/password for when the ACS is not available.
However once I'm SSH'd into one of the routers I'd like to be able to SSH from that router to another router.
What do I need to do to be able to do that?
Here is the config I have right now:
username xxxxxx password 7 xxxxxxxxx
aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication login vty line
aaa authentication login console line
aaa authentication enable default group tacacs+ enable
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2
line vty 0 4
password xxx
transport input ssh
line vty 5 15
password xxx
transport input ssh
Solved! Go to Solution.
08-22-2007 07:57 AM
Jim
I am not sure that you need to do anything else. It may depend on the version of code but the IOS that I am running supports both SSH server (SSH to the router) and SSH client (SSH from the router to somewhere else).
lab_1841>ssh 10.26.0.1
Password:
router>
HTH
Rick
08-22-2007 07:57 AM
Jim
I am not sure that you need to do anything else. It may depend on the version of code but the IOS that I am running supports both SSH server (SSH to the router) and SSH client (SSH from the router to somewhere else).
lab_1841>ssh 10.26.0.1
Password:
router>
HTH
Rick
08-22-2007 08:16 AM
How simple is that! I tested it and it worked great. For some reason I was trying 'telnet xxx.xxx.xxx.xxx 22' instead of actually using the ssh command.
Thanks!
08-22-2007 08:24 AM
Jim
I love it when things are simple and they "just work".
Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read about a question and can know that they will read responses that successfully resolved the question. I encourage you to continue your participation in the forum.
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: