Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

LMS Telnet / SSH Access

Hi

I want to enable SSH access to my switches and disable telnet access. Do I need to allow telnet access still from my CiscoWorks LMS server or will the LMS server be able to carry out all necessary tasks with telnet disabled.

1 ACCEPTED SOLUTION

Accepted Solutions
Red

Re: LMS Telnet / SSH Access

You are correct, Check Device Attributes does not use SSH

Try Netconfig or Network Show and see if these work.

These are the only two applications within RME that do not use SNMP / TFTP.

7 REPLIES
Red

Re: LMS Telnet / SSH Access

Both LMS 2.2 and 2.5 will use SSH if Telnet fails (and vice versa)

What version are you running?

Community Member

Re: LMS Telnet / SSH Access

Hi nhabib and thanks for the reply.

We are running LMS 2.2.

We also have an ACS server authenticating and authorizing. I am assuming then that if I enable SSH, when specifying the device attributes the following settings will be OK:

Read Community

Write Community

Telnet

Enable Secret

Enable

TACACS

Local User

Basically then, with telnet disabled on the switches and SSH enabled, when LMS attempts to perform an operation that requires a login session to the switch it will use my TACACS specified username and password to gain SSH access (Is that correct ?).

Red

Re: LMS Telnet / SSH Access

You are correct. You may also go to RME -> Admin -> Config Management -> General Setup and move SSH to the top of the list.

Keep in mind that LMS 2.2 does not support SSH version 2

Community Member

Re: LMS Telnet / SSH Access

Hi again

I have now enabled SSH on one of my switches (and disabled telnet access) and it seems to be working OK. RME can still download config files from this switch. I am wondering however if disabling telnet will affect any othere neccesary tasks that LMS needs to perform . I have tested the device atributes that I have configured against this switch and now the TACACS, TACACS Enable and Local User attributes all fail the test. I presume this is because the test is being performed using telnet.

Red

Re: LMS Telnet / SSH Access

You are correct, Check Device Attributes does not use SSH

Try Netconfig or Network Show and see if these work.

These are the only two applications within RME that do not use SNMP / TFTP.

Community Member

Re: LMS Telnet / SSH Access

Thanks again for the info :-)

Community Member

Re: LMS Telnet / SSH Access

Hi, It´s me again.

I seem to be having a problem with software distribution. I get a an error specifying that RME could not connect using Telnet. I can see no option to use SSH under Administration > Software Management > Preferences (only an option to "Use RCP for image transfer (When applicable) ").

Could it be that the software distribution part of RME needs to have telnet enabled or perhaps I´m missing a config option for SSH.

Thanks in advance (again).

296
Views
0
Helpful
7
Replies
CreatePlease to create content