Configuring SSH on SG350XG switches

michael.lacey
Level 1

Hello,

I am trying to configure two SG350XG switches remotely via console access only.

 

Using the CLI, how can I enable SSH on the switches?

 

I tried "IP SSH server" but on the cli, when I hit ? it does not show SSH as being a command I can select?

 

Thanks

10 Replies

pieterh
VIP

normally it needs something like:

line vty 0 4

 transport input ssh

! but by default telnet and ssh are already enabled

 

but you also need to set 

- hostname: "hostname <name>"

- domain-name "ip domain xx.yy"

- create rsa keys "crypto key generate rsa modulus 2048"  

To enable SSH you need to have generated RSA keys. And to generate RSA keys you need to specify a router name and domain name. The other thing to be careful about is the version of code that the switches are running and whether that code supports encryption, which is necessary for SSH. Please tell us the exact file name of the image that the switches are running. If the file name includes k9 in the name then it does support encryption. Without k9 in the name then the image does not support encryption and so will not be able to enable SSH.

 

HTH

 

Rick


rasmus.elmholt
Level 7
Hi
For the SG line of switches you need to enable SSH first. Only HTTP/S is enabled by default.

CLI way:
ip ssh server

! Can't remember if all of the below is needed.
aaa authentication login authorization SSH local
aaa authentication enable authorization SSH enable

line ssh
login authentication SSH
enable authentication SSH

Hi,

 

Thanks for that. I've added all the commands as suggested, rebooted, but I still get an error when typing ssh

 

Switch1#ssh
% Unrecognized command

coming back to your first post, the device should accept the command "ip ssh server"

 

please post output of "show ip ssh"  or maybe attach output of "show running-config"

It accepted the command, but on the command line if I type ssh, it says command not recognised?
Output of show ip ssh indicates public key auth and public password disabled. I assume I need to enable them, but I'm not sure how?

Thanks

VA-DST-SW01#show ip ssh
SSH Server enabled. Port: 22
RSA key was generated.
DSA(DSS) key was generated.

SSH Public Key Authentication is disabled.
SSH Password Authentication is disabled.

Active incoming sessions:

IP address SSH username Version Cipher Auth Code
----------------- -------------- ----------- ----------- --------------

The command guide specifies these to enable

     ip ssh password-auth

     ip ssh pubkey-auth [auto-login]

 auto-login—Specifies that the device management AAA authentication (CLI login) is not needed. By default, the login is required after the SSH authentication

 

But you mention the "ssh" command is not accepted?

Just to be sure, you did configure an IP address on the system(s)?

 

And maybe these options need to be added, either on the command line or by configuration command

/password password

Specifies the password to use when logging in on the remote networking device running the SSH server. If the keyword is not specified, the password configured by the ip ssh-client password command is used. If this keyword is specified the /user keyword must be specified too.

/source-interface interface-id

Specifies the source interface which minimal IPv4/v6 address will be used as the source IPv4/v6 address. If the keyword is not specified, the source IPv4/IPv6 address configured by the ip ssh-client source-interface command is used.

/user user-name

Specifies the user name to use when logging in on the remote networking device running the SSH server. If the keyword is not specified, the user name configured by the ip ssh-client username command is used. If this keyword is specified the /password keyword must be specified too.

I'm starting to think this is a bit buggy? I've managed to enable telnet using pretty much the same method, but from the switch I cannot SSH to another as the command is not there? Telnet works fine. I have another switch that has been configured by someone else and works and I can't see what the difference is in the config?

 

hostname VA-DST-SW01
aaa authentication login authorization SSH local
aaa authentication enable authorization SSH enable
aaa authentication login authorization TELNET local
aaa authentication enable authorization TELNET enable
line telnet
login authentication TELNET
enable authentication TELNET
password XXX
exit
line ssh
login authentication SSH
enable authentication SSH
password XXX
exit
username XXX password encrypted XXX privilege 15
ip ssh server
ip domain name XXX
ip telnet server
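
An added example, not written by any poster in this thread and not Cisco code: a small audit that parses the `show ip ssh` output and the running-config posted above and lists what a reviewer of the management plane would note. The sample text is a trimmed, constructed copy of those outputs, and the function names and the "disabled" server wording are assumptions.

```python
import re
# Constructed sample input: trimmed copies of the outputs posted in this thread.
SHOW_IP_SSH = """\
SSH Server enabled. Port: 22
RSA key was generated.
DSA(DSS) key was generated.
SSH Public Key Authentication is disabled.
SSH Password Authentication is disabled.
"""
RUNNING_CONFIG = """\
hostname VA-DST-SW01
line ssh
login authentication SSH
exit
ip ssh server
ip telnet server
"""

def parse_show_ip_ssh(text):
    """Parse 'show ip ssh' output; the 'disabled' server wording is an assumption."""
    state = {"server": False, "port": None, "keys": [], "pubkey_auth": None, "password_auth": None}
    for line in map(str.strip, text.splitlines()):
        if m := re.match(r"SSH Server (enabled|disabled)\.(?: Port: (\d+))?", line):
            state["server"] = m.group(1) == "enabled"
            state["port"] = int(m.group(2)) if m.group(2) else None
        elif m := re.match(r"(\S+) key was generated\.", line):
            state["keys"].append(m.group(1))
        elif m := re.match(r"SSH (Public Key|Password) Authentication is (enabled|disabled)\.", line):
            key = "pubkey_auth" if m.group(1) == "Public Key" else "password_auth"
            state[key] = m.group(2) == "enabled"
    return state

def audit(show_ip_ssh, running_config):
    """Return management-plane findings drawn from the two outputs."""
    state = parse_show_ip_ssh(show_ip_ssh)
    cfg = {line.strip() for line in running_config.splitlines()}
    findings = []
    if not state["server"]:
        findings.append("SSH server not enabled: configure 'ip ssh server'")
    if "ip telnet server" in cfg:
        findings.append("Telnet server enabled: logins cross the network in cleartext")
    if state["password_auth"] is False and state["pubkey_auth"] is False:
        findings.append("SSH password and public-key authentication are both disabled")
    if "DSA(DSS)" in state["keys"]:
        findings.append("DSA(DSS) host key present: DSA is deprecated in current SSH clients")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SHOW_IP_SSH, RUNNING_CONFIG)))
```
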

 

 

Could you post the exact file name of the image running in both switches. Would like to verify that they are running exactly the same code.

 

HTH

 

Rick


Base image on both switches

Active-image: flash://system/images/image1.bin
  Version: 2.0.0.73
