Re: Enabling SSH on SG300-20

ron.joffe · ‎02-02-2011

I had some issues with this, and was not able to find an answer in the help or searching the web. In order to help the next person, here are the instructions:

I have a brand new SG 300-20 switch, and I am attempting to add ssh to the login capabilities.

Using the web interface I have enabled SSH Service in the Security-TCP/UDP Services.

I am not able to access ssh, port scans (nmap) also do not show port 22 open.

The missing key is the generation of SSH crypto keys.

1. Using the web interface enabled telnet in the Security-TCP/UDP Services section

2. Log in via telnet

3. Traverse tree to : System Configuration Menu - Management Settings - SSH Configuration - SSH Crypto Key Generation

4. Choose the Execute action.

That's it.

ssh away !

David Hornstein · ‎02-02-2011

Hi

I used your method to generate a RSA key.

I gotta say when i had a look at the algorithm used, as per the screen capture below.

I saw AES256 with Cipher block chaining.. sure looks pretty darn secure.

US government standards body produced the following;

http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf

According to section 2 of that document i am pretty happy and not concerned, cipher block chaining of AES-256.

This is very strong encryption..

I have attached a SSH wireshark capture of my SSH exchange between my PC and my SG300-10P

If you get can figure my userid, i will absolutely forward this posting to the Cisco Small Business Switch Product management team for immediate action .

regards Dave

mark.dumond · ‎04-14-2011

Thank you, this was helpful to me.

ammodevgun · ‎03-24-2016

Excellent thank you.