Re: Cisco 2960 commands found for ssh, telnet.

13jobsp90 · ‎11-03-2024

Can u pls explain in detail about the below commands which I found for 2960 switch model, its significance?

line con 0
exec-timeout 2 40
line vty 0 4
session-timeout 3
exec-timeout 0 0
transport preferred none
transport input ssh
transport output ssh
line vty 5 15
session-timeout 3
exec-timeout 0 0
logging synchronous
transport preferred none
transport input ssh
transport output ssh

Flavio Miranda · ‎11-03-2024

@13jobsp90

1. `line con 0`

Explanation: This command specifies that the configuration is for console line 0, which is the physical console port of the device.

2. `exec-timeout 2 40`

Explanation: This command sets an inactivity timeout for the console line. The timeout value here is 2 minutes and 40 seconds. After this period of inactivity, the user will be logged out of the console session automatically.
- Syntax: exec-timeout <minutes> <seconds>

3. `line vty 0 4`

Explanation: This command specifies the configuration for the first five virtual terminal lines (VTY 0 to 4). VTY lines are used for Telnet or SSH access to the device.

4. `session-timeout 3`

Explanation: This sets the session timeout for the VTY lines to 3 minutes. After this period of inactivity, the user will be logged out of the session.

5. `exec-timeout 0 0`

Explanation: This command sets an inactivity timeout of 0 minutes and 0 seconds for the VTY lines, effectively disabling the timeout. The session will remain active indefinitely unless the user manually logs out.

6. `transport preferred none`

Explanation: This command disables any preferred transport protocol, allowing the device to not default to any specific protocol like Telnet or SSH when accessing the VTY lines.

7. `transport input ssh`

Explanation: This command specifies that only SSH is allowed as the input protocol for remote connections to the VTY lines, enhancing security by preventing Telnet access.

8. `transport output ssh`

Explanation: This command allows only SSH as the output protocol on the VTY lines, restricting outbound connections from the device to SSH only.

9. `line vty 5 15`

Explanation: This command specifies configuration for additional VTY lines (5 to 15). Cisco devices may have more than five VTY lines depending on the model, allowing multiple simultaneous remote sessions.

10. `session-timeout 3`

Explanation: Similar to the previous session timeout command, this sets a 3-minute session timeout for VTY lines 5 through 15.

11. `exec-timeout 0 0`

Explanation: Sets no timeout for VTY lines 5 through 15, so the session will not automatically disconnect due to inactivity.

12. `logging synchronous`

Explanation: This command prevents log messages from interrupting the command line input by displaying them on a new line. This improves the user experience during configuration by keeping the prompt clean.

13. `transport preferred none`

Explanation: Disables any preferred transport protocol on VTY lines 5 to 15.

14. `transport input ssh`

Explanation: Allows only SSH as the input protocol on VTY lines 5 to 15.

15. `transport output ssh`

Explanation: Allows only SSH as the output protocol on VTY lines 5 to 15.

13jobsp90 · ‎11-05-2024

what is the difference between "line vty 5 15 & line vty 0 4"? Why it is needed?

Joseph W. Doherty · ‎11-05-2024

It's an "artifact" from when Cisco only supported 5 lines. Lines 5..15 were added later.

marce1000 · ‎11-03-2024

- FYI : How to Ask The Community for Help
If you do searching or exact searching on a specific command ; you will get lot's of into's

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

MHM Cisco World · ‎11-03-2024

First the command you share is not complete' it need login/password.

Second

Transport Input vs output' what is different?

Case1

Host-SW1

Here from ssh you want to access SW1 then you need input

Case2

Host-SW1-SW2

Here from host you access to SW1 and from there you want to access SW2 here ypu need in SW1 both input and output

MHM

13jobsp90 · ‎11-04-2024

So i dont get your point? Can u pls explain the difference? Is there anything wrong here? Pls guide me

Joseph W. Doherty · ‎11-03-2024

BTW, Cisco's documentation is generally excellent. Have you tried reading the command reference or configuration guides for your platform's running IOS?

Cisco also has additional articles about using many of its features.

The above might be found on Cisco's main site under support.

If your platform is an end-of-life model (example), from which Cisco has removed its documentation, similar newer models documentation is often relevant (example example).

13jobsp90 · ‎11-03-2024

I couldnt find 2960 documentation may be it is end of support.

Joseph W. Doherty · ‎11-04-2024

"I couldnt find 2960 documentation may be it is end of support."

If your 2960 is an end-of-life model, like my first example, that's correct, Cisco pulls documentation.

However, later series often continue to use the same configuration statements, so the ones you list are very likely documented in later series documentation, as I suspect is the case and might be seen in other two examples I provided.

Further, although I didn't mention it in my prior reply, very often the same configuration statements are found across a family of IOS, regardless of actual platform.

So, did you even try examination of my latter two references?

Cisco 2960 commands found for ssh, telnet.

1. line con 0

2. exec-timeout 2 40

3. line vty 0 4

4. session-timeout 3

5. exec-timeout 0 0

6. transport preferred none

7. transport input ssh

8. transport output ssh

9. line vty 5 15

10. session-timeout 3

11. exec-timeout 0 0

12. logging synchronous

13. transport preferred none

14. transport input ssh

15. transport output ssh