02-04-2017 05:38 AM - edited 03-08-2019 09:11 AM
conf t
enable password ____
or
line vty 0 4
password ____
login
which password will be used for SSH'ing when only the 'login' command is used under vty?
Solved! Go to Solution.
02-04-2017 06:00 AM
Hi
set up:
conf t
line vty 0 4
login local
It will use the local credentials created on you device (local database example: username cisco priviledge 15 password test123), also include this command:
transport input ssh under the line vty 0 4
Be sure aaa new-model is disabled: no aaa new-model. Enable command is used to allow access to priviledge EXEC mode.
Please check these websites:
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-0_2_EX/security/configuration_guide/b_sec_152ex_2960-x_cg/b_sec_152ex_2960-x_cg_chapter_01001.html
http://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell-ssh/4145-ssh.html
Please rate the comment if it is useful :-)
02-04-2017 06:00 AM
Hi
set up:
conf t
line vty 0 4
login local
It will use the local credentials created on you device (local database example: username cisco priviledge 15 password test123), also include this command:
transport input ssh under the line vty 0 4
Be sure aaa new-model is disabled: no aaa new-model. Enable command is used to allow access to priviledge EXEC mode.
Please check these websites:
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-0_2_EX/security/configuration_guide/b_sec_152ex_2960-x_cg/b_sec_152ex_2960-x_cg_chapter_01001.html
http://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell-ssh/4145-ssh.html
Please rate the comment if it is useful :-)
02-04-2017 06:27 AM
Julio Moisa
yes it was helpful
yes i configured the router for SSH with the crypto key and ip domain-name stuff
i actually only configured an ENABLE PASSWORD...no username or anything
SSH still worked for me
is that supposed to be?
here is my Router configs
Router#conf t
hostname R1
line vty 0 4
password ___
login
transport input ssh
exit
enable password ______
ip domain-name josh.com
crypto key generate rsa 1024 (in Packet Tracer, there is no 'modulus' part used for some reason)
ip ssh version 2
ip ssh authentication-retries 3
ip ssh-timeout 40
PC>ssh -l ____ 188.15.9.9
i used both my ENABLE password AND my vty password and it worked both times
02-04-2017 06:28 AM
hi, yes could be but the best practice is to use credentials :-)
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide