
SSH login local in root

billetj09
Level 1

Hello everybody,

I have a very problematic situation here.

I have configured the vty lines on a Cisco 2960 in a wrong manner and now I am stuck.

To configure those vty lines to enable ssh I have typed:

    line vty 0 4
    login local
    password xxxx
    line vty 5 15
    login local
    password xxxx
    exit

Problem: I work remotely (I was on telnet while doing this). I have no username configured, as I thought that the root user would work.

Now when I issue an ssh to my switch, I always fail authentication.

Any idea how I could recover access to my switch without being physically there?

I have written the config to memory, otherwise it would have been too easy.

Thanks for your help.

JB

6 Replies

kcnajaf
Level 7

Hi Jean,

In order to enable ssh on vty line you will have to enter "transport input ssh" under vty after enabling ssh. It looks like you have not done that yet from your configurations.

    conf terminal
    line vty 0 4
    transport input ssh

If you have not yet enabled ssh, please follow the steps below to enable ssh. Do the following from global configuration mode:

1) Configure the Hostname on the Switch

    Router(config)# hostname CISCO

2) Configure the Domain name for the Cisco Switch

    CISCO877(config)# ip domain-name cisco.com

3) Generate an RSA Key Pair

    CISCO877(config)# crypto key generate rsa

I assume that with the current configuration which you posted above, you still have telnet access to the device.

Hope that helps

Regards

Najaf

Please rate when applicable or helpful !!!


Sorry, that was just an extract.

I had:

    line vty 0 4
    transport input ssh
    login local
    password xxxx
    line vty 5 15
    transport input ssh
    login local
    password xxxx

JB

Back to Najaf's suggestion - have you created the RSA key? You will also need a local username with level 15 privilege.

If not, the only access method you can use will be console since your vty is now locked down to ssh only and the pieces necessary for ssh all need to be present for it to work over vty.

Hi Jean,

Sorry to say that in that case you have really locked yourself out :-( The only option which I'm aware of is to reconfigure this through console, for which again you would need console access.

Regards

Najaf

Thanks guys. I've managed to get someone with the physical hand on the switch to get me out of trouble. I had an RSA key but no username, and that was my stupid mistake here.

Problem solved anyway.

Thanks

JB

Hi JB,

I'm currently in the same pickle. I had created a username and enabled login local on my switch. I later decided to remove the user but forgot to remove the login local restrictions. Now I'm not able to log into my switch without the username. How did you resolve your issue? Did you have to restore the switch configuration to a previous copy of the config file?


Thanks,

Nathan
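
A pre-change check for the lockout described in this thread, as an added example that is not part of the original posts: it replays an IOS command list or saved config and flags vty lines that use `login local` with no local username left (JB's case, and Nathan's after a later `no username`), or that are SSH-only without the hostname and domain name needed for the RSA key. The function names, sample config and placeholder secret are constructed for illustration, and AAA setups are assumed out of scope.

```python
import re

STOP = re.compile(r"(line\s|exit$|end$|!)")

def vty_blocks(config):
    """Yield (vty range, sub-commands) per 'line vty' block. Assumption: a block
    ends at the next 'line', 'exit', 'end' or '!' (typed input or running-config)."""
    current, subs = None, []
    for line in (raw.strip() for raw in config.splitlines()):
        if current is not None and STOP.match(line):
            yield current, subs
            current = None
        m = re.match(r"line (vty \d+(?: \d+)?)$", line)
        if m:
            current, subs = m.group(1), []
        elif current is not None and line:
            subs.append(line)
    if current is not None:
        yield current, subs

def lockout_findings(config):
    """Return (vty range, problem) pairs that would block remote login."""
    lines = [raw.strip() for raw in config.splitlines()]
    users = set()
    for line in lines:  # replay in order so a later 'no username' counts
        m = re.match(r"(no )?username (\S+)", line)
        if m:
            (users.discard if m.group(1) else users.add)(m.group(2))
    # 'aaa new-model' moves authentication to AAA method lists: not checked here.
    aaa = "aaa new-model" in lines
    # The RSA key itself is not in the config text; only its prerequisites are.
    key_prereqs = (any(re.match(r"hostname \S+", l) for l in lines)
                   and any(re.match(r"ip domain[- ]name \S+", l) for l in lines))
    findings = []
    for vty, subs in vty_blocks(config):
        if "login local" in subs and not users and not aaa:
            findings.append((vty, "login local with no local username"))
        transport = [s.split()[2:] for s in subs if s.startswith("transport input ")]
        if transport and transport[-1] == ["ssh"] and not key_prereqs:
            findings.append((vty, "ssh-only vty without hostname and ip domain-name"))
    return findings

# Constructed sample: the vty lines from the thread plus hostname/domain lines.
LOCKED_OUT = ("hostname sw1\nip domain-name example.com\n"
              "line vty 0 4\n transport input ssh\n login local\n password xxxx\n"
              "line vty 5 15\n transport input ssh\n login local\n password xxxx\nexit\n")
FIXED = "username admin privilege 15 secret PLACEHOLDER\n" + LOCKED_OUT
if __name__ == "__main__":
    print(lockout_findings(LOCKED_OUT), lockout_findings(FIXED))
```

An empty result only covers what the config text shows; the presence of the RSA key still has to be confirmed on the device itself.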