Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1114
Views
4
Helpful
4
Replies

SSH access to 4006 switch

ctheisen
Level 1
Level 1

‎10-31-2006 11:04 AM - edited ‎03-10-2019 02:49 PM

I'm trying to enable SSH-only access to a Cisco 4006 running CAT OS 8.4(11)GLX with local authentication. SSH works fine, but telnet access is still available. How can I disable telnet access?

Labels:
0 Helpful
4 Replies 4

m.sir
Level 7
Level 7

‎10-31-2006 11:35 AM

Try

set ip permit disable telnet

M.

ctheisen
Level 1
Level 1
In response to m.sir

‎11-08-2006 06:50 AM

Thanks; tried this command, but telnet still allowed.

0 Helpful

Collin Clark
VIP Alumni
VIP Alumni
In response to ctheisen

‎11-08-2006 09:58 AM

Do a show conf and look for the following-

#permit list

set ip permit enable telnet

set ip permit enable ssh

set ip permit enable snmp

set ip permit 10.1.2.17 ssh

set ip permit 10.1.2.17 snmp

If you want to have SSH only, change the permit statements to reflect SSH only. In the example above 10.1.2.17 can SSH and SNMP to the switch. If it's blank after the IP, that means the IP can do everything that is enabled. Using the above example that means 10.1.2.17 could telnet, ssh, and snmp because all three protocols are enabled. If your admins already have 'all' access, remove 'all' access and then add SSH and any other protocols.

clear ip permit 10.1.2.17 255.255.255.255 all

set ip permit 10.1.2.17 ssh

set ip permit 10.1.2.17 snmp

0 Helpful

ctheisen
Level 1
Level 1
In response to Collin Clark

‎11-27-2006 01:19 PM

Thanks for the input. I configured as suggested, but still was able to telnet. I just set ip permit enabled for telnet, and didn't specify a list of addresses; that stopped telnet access.

0 Helpful
Customers Also Viewed These Support Documents