
3750 SSH access

cisco-pix
Level 1

I am trying to set up SSH access to a 3750 switch, rather than standard telnet.

I am not able to configure this: should it be possible to?

Thanks

9 Replies

m-haddad
Level 5

You need the IOS on the 3750 that supports SSH which is the crypto image. It seems you have LAN Based or IP based image without crypto support.

Hope this clarifies the issue,

Appreciate your rating,

Regards,

glen.grant
VIP Alumni

If your imagename does not have a K9 in the imagename it does not support ssh and you would have to get the crypto image from CCO.

criss_noh
Level 1

The below is the sample configuration.

username xxx password xxx

ip domain-name rack13.cisco.com

crypto key generate rsa

line vty 0 15

transport input ssh

login local

Add password ccie under vty

#line vty 0 15

#password ccie

How about ip domain-name? If I don't configure ip domain-name, can I run ssh? Please answer me early. Thank you very much.

You need to set up ip domain-name because, in order to create an encrypted password, you need to define the username, ip domain-name and password.

The hash algorithm renders those.

BUT you can configure it as follows. I just did and made sure it worked just now. ^^

====== config =======

step 1. ip ssh rsa keypair-name cisco

step 2. username cisco password 0 ccie

step 3. line vty 0 4

login local

transport input ssh

step 4. Rack19r1(config)#crypto key generate rsa general-keys label cisco

The name for the keys will be: cisco

Choose the size of the key modulus in the range of 360 to 2048 for your

General Purpose Keys. Choosing a key modulus greater than 512 may take

a few minutes.

How many bits in the modulus [512]:

% Generating 512 bit RSA keys, keys will be non-exportable...[OK]

verification

Rack19r1#sh crypto key mypubkey rsa

% Key pair was generated at: 11:27:44 UTC Jun 27 2007

Key name: cisco

Usage: General Purpose Key

Key is not exportable.

Key Data:

305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00B21FF5 9462464D

9FB4BCF0 B7E3F2FB 6EEFF876 E47D21C1 E1FB4E7F E4F2D1CC E72CC690 5B2B1D46

BF232E36 E9FD534C 3266FCB9 44F3F91B BDF18731 FC48D487 41020301 0001

% Key pair was generated at: 11:27:45 UTC Jun 27 2007

Key name: cisco.server

Usage: Encryption Key

Key is not exportable.

Key Data:

307C300D 06092A86 4886F70D 01010105 00036B00 30680261 009FE29E 208BEE91

6B94E74D 2E986806 AEC3A864 93A7BB35 57DEE4B4 14DCAC89 02A879D6 7FD52A44

853E2A7F FDAF13B4 914403FA D11C11E8 A5602A99 7B6EEF12 371F2885 04EDDF82

A8C27AB8 A19833E2 B63D143F 57CA4F82 9E4088F0 3113129A 73020301 0001

On the opposite router

Rack19r2#ping 19.19.12.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 19.19.12.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

Rack19r2#ssh -l cisco 19.19.12.1

Password:

Rack19r1>

TRY THIS solution. ^^

Sorry for the late response. I am Korean, so my local time is different.

Without ip domain-name 'ABC.DEF' you will not be able to generate an RSA key pair (in this case, self-signed certificates.)  The RSA keys are required to initiate an SSH session because they are used to encrypt/decrypt the data that makes up the SSH session. 

 

This concept may sound confusing, or too in depth, but learning these concepts of the SSH session and configuration will ALWAYS be handy, as an engineer/admin you will be doing this configuration on almost every device on your production network. 

How to configure ssh on switch3750

Requirements

  1. Serial cable
  2. Driver install for the COM port
  3. LAN cable
  4. PuTTY software

Install steps

  1. Connect the serial cable to the USB 3.0 laptop.
  2. Open PuTTY and click on the Serial button (please check the attached screenshot).

 

  1. Switch>enable
  2. Switch#configure terminal
  3. Switch(config)#int vlan 1
  4. Switch(config-if)#ip add 192.168.10.1 255.255.255.0
  5. Switch(config-if)#no shutdown
  6. Switch(config-if)#exi
  7. Switch(config)#hostname ms
  8. ms(config)#ip domain-name ms.com

 

Generate the RSA Keys

  1. ms(config)#crypto key generate rsa
  2. ms(config)#line vty 0 15
  3. ms(config-line)#transport input ssh
  4. ms(config-line)#login local
  5. ms(config-line)#exit
  6. ms(config)#line console 0
  7. ms(config-line)#logging synchronous
  8. ms(config-line)#login local
  9. ms(config-line)#exit

Create the username password

 

  1. ms(config)#username ms password ms
  2. ms(config)#enable secret ms@123
  3. ms(config)#service password-encryption

Verify SSH access

  1. ms#sh ip ssh
  2. ms#sh ip int bri

 

Now connect port 3/0/1 through LAN, give an IP on the LAN port 192.168.10.1, and check whether gateway 192.168.10.1 is able to ping or not.

 

  1. ms#sh int fa3/0/1
  2. login as: ms
  3. ms@192.168.10.1's password:

 

 

use: 

username {name} secret {password}

instead of:

username {name} password {password}

 

password is clear text; secret will generate an MD5.
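The points raised across the replies above (K9 image, `ip domain-name`, SSH-only vty lines with `login local`, `secret` instead of `password`) can be checked against a saved running-config. This is an added example, not code from any poster in this thread; the function names and the sample config are constructed for illustration.

```python
import re

# Constructed running-config excerpt (not from the thread): one vty range is
# SSH-only with local login, the other still accepts telnet with a line password.
SAMPLE_CONFIG = """\
hostname ms
username admin secret 5 $1$CONSTRUCTED$hashvalue
username ms password 0 ms
ip domain-name ms.com
line con 0
 login local
line vty 0 4
 transport input ssh
 login local
line vty 5 15
 password ccie
 login
 transport input telnet ssh
"""

def image_supports_ssh(image_name):
    """Per the thread: only images with K9 in the name carry SSH support."""
    return "k9" in image_name.lower()

def audit_ssh_config(config):
    """Return a list of findings for the settings discussed in the thread."""
    findings = []
    if not re.search(r"^ip domain-name \S+", config, re.M):
        findings.append("no ip domain-name configured")
    for user in re.findall(r"^username (\S+) password\b", config, re.M):
        findings.append(f"user {user}: 'password' used instead of 'secret'")
    # Each vty block is its header plus the indented option lines that follow.
    for header, body in re.findall(r"^(line vty [\d ]+)\n((?:[ \t]+.*\n?)*)", config, re.M):
        opts = [line.strip() for line in body.splitlines()]
        transport = next((o for o in opts if o.startswith("transport input")), None)
        if transport is None:
            findings.append(f"{header.strip()}: no explicit 'transport input ssh'")
        elif transport.split()[2:] != ["ssh"]:
            findings.append(f"{header.strip()}: '{transport}' permits more than ssh")
        if "login local" not in opts:
            findings.append(f"{header.strip()}: 'login local' missing")
    return findings

if __name__ == "__main__":
    for finding in audit_ssh_config(SAMPLE_CONFIG):
        print(finding)
```

On the constructed sample it reports the `ms` user and both problems on `line vty 5 15`, while `line vty 0 4` passes.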
