Configuring SSH, Serial and HTTP access on Catalyst switches

Scope

Most enterprise networks do not allow, or do not want, Telnet to be used for terminal access to the switch. SSH is a more secure and flexible way to reach the switch remotely. The configuration below is a basic setup that supports SSH version 2 connections.

Global SSH Configuration

Switch>En
Switch#
Switch#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#aaa new-model
Switch(config)#username AAAA privilege 15 secret Livewire
Switch(config)#ip http authentication local
Switch(config)#ip domain-name AXIA.LOC
Switch(config)#crypto key generate rsa
The name for the keys will be: Switch.AXIA.LOC
Choose the size of the key modulus in the range of 360 to 4096 for your
 General Purpose Keys. Choosing a key modulus greater than 512 may take
 a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 4 seconds)

Switch(config)#ip ssh version 2
Switch(config)#line vty 0 15
Switch(config-line)#transport input ssh
Switch(config-line)#privilege level 15
Switch(config-line)#exec-timeout 0 0
Switch(config-line)#end
Switch#wr
Building configuration...
[OK]
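
An added example, not part of the original guide or any Cisco tooling: a short Python check that reads a running-config excerpt and reports on the remote-access settings configured above (SSH version, vty transport, idle timeout, starting privilege level). The sample config is constructed, and the names `parse_lines` and `audit` are illustrative.

```python
import re

# Constructed sample: running-config excerpt using the settings from this guide,
# plus one vty range that still accepts Telnet.
SAMPLE_CONFIG = """\
ip ssh version 2
line con 0
line vty 0 4
 privilege level 15
 exec-timeout 0 0
 transport input ssh
line vty 5 15
 transport input telnet ssh
"""

def parse_lines(config):
    """Return {line header: [sub-commands]} for each 'line ...' block."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current is not None:
            blocks[current].append(raw.strip())  # indented sub-command
        else:
            current = None  # '!' separator or global command ends the block
    return blocks

def audit(config):
    """Return a list of findings for the vty and SSH settings."""
    findings = []
    if not re.search(r"^ip ssh version 2\s*$", config, re.M):
        findings.append("global: 'ip ssh version 2' not set")
    for header, cmds in parse_lines(config).items():
        if not header.startswith("line vty"):
            continue
        transport = [c for c in cmds if c.startswith("transport input")]
        protocols = transport[0].split()[2:] if transport else []
        if protocols != ["ssh"]:
            findings.append(f"{header}: transport input is not explicitly ssh-only")
        if "exec-timeout 0 0" in cmds:
            findings.append(f"{header}: idle timeout disabled (exec-timeout 0 0)")
        if "privilege level 15" in cmds:
            findings.append(f"{header}: sessions start at privilege 15")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

`exec-timeout 0 0` disables the idle timeout and `privilege level 15` places every vty login directly in privileged EXEC, so the check reports both for review.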

No Password on Serial/USB Console Port

The serial port can be treated as an emergency way to gain access to your switch. For this reason, you may find it appropriate to omit any password requirements.

Switch#conf t
Switch(config)#line con 0
Switch(config-line)#no password
Switch(config-line)#end
Switch#wr
Building configuration...
[OK]