cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
3425
Views
5
Helpful
5
Replies
Highlighted
Beginner

Set SSH as default for telnet from router

I usually initiate a connection from a router to another network device by simply typing the IP address of the destination I want and then press enter. That begins a telnet session.

Router#10.1.1.1       <--------- starts a telnet session, but I want it to use SSH instead

Is there a way to change that default to SSH so that when I just type the IP address it kicks off SSH instead of telnet?

I want it to behave as though I typed:

Router#ssh 10.1.1.1

P.S. Please don't suggest macros or alias soultions as this will not accomplish my goal in a dynamic fashion.

Everyone's tags (4)
5 REPLIES 5
Advisor

Set SSH as default for telnet from router

Hi,

line con 0

transport preferred ssh

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
Beginner

Re: Set SSH as default for telnet from router

This is the output from implementing the preferred/output/input ssh.

----------------------------------------------------------------------------------------------------------------------------------------------------

CH-3750-core#sh run | b line

line con 0

transport preferred ssh

transport output ssh

line vty 0 4

privilege level 15

transport preferred ssh

transport input ssh

transport output ssh

line vty 5 15

privilege level 15

transport preferred ssh

transport input ssh

transport output ssh

!

ntp clock-period 36027693

ntp server 132.163.4.101

ntp server 132.163.4.103

ntp server 24.56.178.140

end

CH-3750-core#10.100.0.125

% Unknown command or computer name, or unable to find computer address

CH-3750-core#ping 10.100.0.125

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.100.0.125, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms

I also configured the ssh source-interface to be on the same subnet I'm trying to get to. It still works if I use

----------------------------------------------------------------------------------------------------------------------------------------------------

CH-3750-core#ssh 10.100.0.125

----------------------------------------------------------------------------------------------------------------------------------------------------

I'm using a 3750x stack of 2 running code c3750e-universalk9-mz.122-55.SE5.bin.

Below is the output to the same router with different syntax to start the ssh session.

----------------------------------------------------------------------------------------------------------------------------------------------------

CH-3750-core#ssh 10.100.0.125

Password:

Router#

----------------------------------------------------------------------------------------------------------------------------------------------------

Advisor

Set SSH as default for telnet from router

Hi,

i've tried it and it didn't work so i made some research and apparently this is not possible. it still uses telnet  not ssh though the word ssh was used. I'll have to dig further to see the use of this keyword then.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
Beginner

Re: Set SSH as default for telnet from router

Cadet,

Upon further investigation, I think  it is not possible to change the default behavior. I was reading another forum here and they were discussing something VERY similar to the issue I am asking about, but not quite the same. I believe the reasoning is something like this:

Simply entering the ip address initiates (or attempts to, anyway) a telnet session. Because the transport output ssh command was used you get the results listed above. This means that any time you want to ssh from a cisco router/switch/device you have to use the key word ssh x.x.x.x (with other switches if so desired, like -l for username) and cannot change the way the router interprets simply entering an IP address.

Thanks anyway for your attempt to answer my question.

Re: Set SSH as default for telnet from router

My understanding is the input command determines what protocols will be allowed in that line. The output command define what protocol you may use to connect to a device going out. so if you do the following:

line vty 0 15

transport input ssh

transport output ssh

This device can only be connected to by SSH (on the VTY lines console is a separate line) and will only connect to other devices  via SSH. This however does not change the default action of the router but prevents it from sending out the telnet request.

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards