Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Connecting via SSH

Hi all, I'm new to the board here and jsut recently completed the CCNA course (but have yet to take the certification exam).

I am trying to lock down a Cat 3560 switch by enabling only SSH on teh switch. I have loaded the proper software image and have the switch configured for deployment. I have generated the RSA key and created a user on the switch.

When i connect using putty I am give the username prompt, however it doesn't seem to recognize the login credentials.

Have I missed a step? I followed the guide listed here http://www.cisco.com/en/US/products/hw/switches/ps5528/products_configuration_guide_chapter09186a00801e85c7.html#wp1204672 but cannot connect.

Any help would be most apprecieated!

J

4 REPLIES
Hall of Fame Super Gold

Re: Connecting via SSH

Jack

Telling us what model you followed is a good start. But we can hardly analyze the problem without knowing what you did - what parts of the model did you follow correctly and what parts did you not understand or skip? It would be very helpful if you would post the configuration. It would also be helpful if you would post the output of show ip ssh. And if there is any error message displayed it would be good to know exactly what the message says (as a starting point I am not sure whether the problem is a failure in authentication or a failure in authorization - and the error messages are so similar that it is easy to be confused).

HTH

Rick

Community Member

Re: Connecting via SSH

As Rick said, its always a good idea to post the relevant config from the device your having a problem with. In this case to access a 3560 via SSH the following commands should be all that's required:

conf t

username ssh password Pa55word

enable secret 3nable

hostname Switch

ip domain-name YourDomain.com

crypto key generate rsa general-keys modulus 1024

line vty 0 4

transport input ssh

As you probably know, define the switch's hostname and domain name. Then create the crypto key. Specify ssh access under lines 0 to 4 of the virtual terminal. Lastly ensure that you have a privilege exec password as well username\password. A password defined under line vty isn't required. For SSH you just need a username & password defined (username ssh password Pa55word). Although I'm not 100%, test for yourself.

Community Member

Re: Connecting via SSH

Well I got things working after I posted this thread. I'm not exactly sure what the problem was, but when I created a new user account, that one was able to log in without difficulty. I did also add these lines to my config, but if they aren't nescessary I'd like to remove them, as I don't see a need to login with username/password credentials from the console:

!

username user privilege 15 password 7 xxxxxxxxx

username user2 privilege 15 password 7 xxxxxxxxxx

aaa new-model

aaa authentication login default local

!

!

line con 0

password xxx

line vty 0 4

password xxx

transport input ssh

line vty 5 15

!

end

Community Member

Re: Connecting via SSH

heh, okay.

I got rid of the

aaa new-model

and everything seems fine now.

Thanks for watching me work through this ;)

Jack

211
Views
0
Helpful
4
Replies
CreatePlease to create content