Table of Contents
Advertisement
Configuring Switch-Based Authentication
How to Configure Switch-Based Authentication
Command
4.
crypto key generate rsa
5.
ip ssh version [1 | 2]
6.
ip ssh {timeout seconds |
authentication-retries number}
7.
line vty line_number
[ending_line_number]
transport input ssh
8.
end
9.
show ip ssh
or
show ssh
Purpose
Enables the SSH server for local and remote authentication on the switch
and generates an RSA key pair.
We recommend that a minimum modulus size of 1024 bits.
When you generate RSA keys, you are prompted to enter a modulus
length. A longer modulus length might be more secure, but it takes longer
to generate and to use.
(Optional) Configures the switch to run SSH Version 1 or SSH Version 2.
1—Configures the switch to run SSH Version 1.
2—Configures the switch to run SSH Version 2.
If you do not enter this command or do not specify a keyword, the SSH
server selects the latest SSH version supported by the SSH client. For
example, if the SSH client supports SSHv1 and SSHv2, the SSH server
selects SSHv2.
Configures the SSH control parameters.
Specifies the time-out value in seconds; the default is 120 seconds.
The range is 0 to 120 seconds. This parameter applies to the SSH
negotiation phase. After the connection is established, the switch
uses the default time-out values of the CLI-based sessions.
By default, up to five simultaneous, encrypted SSH connections for
multiple CLI-based sessions over the network are available (session
0 to session 4). After the execution shell starts, the CLI-based
session time-out value returns to the default of 10 minutes.
Specifies the number of times that a client can reauthenticate to the
server. The default is 3; the range is 0 to 5.
Repeat this step when configuring both parameters.
(Optional) Configures the virtual terminal line settings.
Enters line configuration mode to configure the virtual terminal line
settings. line_number and ending_line_number specifiy a pair of
lines. The range is 0 to 15.
Specifies that the switch prevent non-SSH Telnet connections. This
limits the router to only SSH connections.
Returns to privileged EXEC mode.
Shows the version and configuration information for your SSH server.
Shows the status of the SSH server on the switch.
180
- Quick Links:
- Configuration Overview
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
