Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

SSH enable on switches

Hi,

I am trying to configue ssh on Cat 3750 & cat 3560 switches so that users cannot access directly through telnet to the switches instead they need to use ssh(say putty utility)to connect to switches.

Problem - Once I login to switch through ssh (using say putty utility).from next time it allows access through telnet for all users.

Below is the config

crypto key generate

ip ssh timeout 120

ip ssh auth-retries 3

line vty 0 4

login local

transport input ssh

Is there any thing else to be configured to enable ssh.

IOS ver is c3560-ipbasek9-mz.122-25.SED.bin.

Regds

KMS

2 REPLIES

Re: SSH enable on switches

hi

The domain which is required to generate the key is missing in ur config which you have posted here.

is it due to typo error ?? without that you will get error message while generating the pub key.

also can you check which version of SSH ur running using show ssh command in ur switches ??

if its version 1 can you change that to version 2 and check out ?

that you can configure using ip ssh version 2 ..

regds

Hall of Fame Super Gold

Re: SSH enable on switches

With the transport input ssh I am surprised if vty 0 4 would allow telnet. Some versions of IOS support more than the traditional 5 vty lines. Could you post the output of show line. And if you get someone who is able to telnet then do the command show line done when someone was on the box using tlenet.

HTH

Rick

377
Views
0
Helpful
2
Replies
CreatePlease to create content