Re: Configurar acesso SSH em switch c2960x

helder-ganhao · ‎09-06-2024

Tenho um switch Cisco c2960x de 24 portas, mas neste momento só com acesso telnet por via CLI (Putty). Necessito que o switch tenha acesso ssh e gostaria de saber quais os comandos certos para fazer esta configuração, sem estar ligado por consola, mas sim por Putty. Na imagem segue informações do switch assim como a seguinte configuração que acho estar relacionada com o modo de telnet:
line con 0
login local
line vty 0 4
login local
transport input all
line vty 5 15
login local
transport input all

Desde já agradeço toda a ajuda.

MHM Cisco World · ‎09-06-2024

You need

Username xxxx password xxxx

Enable password xxxx

And under vty

Privilege level 15

Also for ssh you need

Ip domain name xxx

crypto key generate rsa

MHM

paul driver · ‎09-06-2024

Hello @MHM Cisco World
fyi - Ip domain name xxx not required when you label the crypto key generation

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

paul driver · ‎09-06-2024

Hello
to enable ssh on the switch you need to do the following:
conf t
crypto key zeroize
crypto key generate rsa label LOCAL general-keys modulus 2048
ip ssh version 2

line vty 0 15
transport preferred none
transport input ssh
transport output ssh
end
wr mem

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

helder-ganhao · ‎09-06-2024

Hello paul driver thanks for your help.

Right now after do that sequence comands I not have acess by CLI with ssh or telnet.

The access to the switch maybe only by console

MHM Cisco World · ‎09-06-2024

Use

transport input all
transport output all

And you can access via telnet

For ssh

And did you do what I suggest before?

MHM

helder-ganhao · ‎09-06-2024

Hello MHM right now I don't have access phisical to switch to do access by console. And can access by CLI. And yes I do your suggest. I'm really newbie in this configurations of switchs, but I'll learn.

paul driver · ‎09-06-2024

Hello

@helder-ganhao wrote:

Hello paul driver thanks for your help.

Right now after do that sequence comands I not have acess by CLI with ssh or telnet.
The access to the switch maybe only by console

da.

Okay leave the cfg I asked yo to implement inplace for the time being.

Are you able to at least reach the switch via ssh or not, if not then you need to give the switch a mgt ip address

int vlan 1
ip address x.x.x.x y.y.y.y.y
not shut
eixt
ip default-gateway x.x.x.x

also I did notice you had login local applied to the vty lines, which indicates you have created a local user account on the switch, have you done that?

Again if not,
conf t
username xxx privilege 15 secret xxxx
exit

Make sure the above is applied and if not perform the above steps and test access once again please.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

MHM Cisco World · ‎09-06-2024

Friend never run command

transport input ssh
transport output ssh

Before you sure SSH work good

He can not anymore access SW

So he need to access via console

And make

transport input all
transport output all

After that he check ssh' in this case if he failed he can access via telnet

MHM

paul driver · ‎09-06-2024

hello
Op confirmed they had console access, hence no reason why not to apply ssh on the vty lines

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul