Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
551
Views
0
Helpful
1
Replies

Why does telnet work when SSH is disabled (due to missing crypto)?

vikram4
Level 1
Level 1

‎07-27-2020 04:14 AM

We upgraded a cisco 45xx series switch. We accidentally used a image that did not have crypto config in it (K9 was missing). So we could not SSH into device after upgrade however we were able to telnet.

Why did the device allow us to telnet when we had defined only ssh in 'transport input' command? When SSH got disabled, my perception is that we should never have been able to to login.

Labels:
0 Helpful
1 Reply 1

Karsten Iwen
VIP
VIP

‎07-27-2020 07:07 AM

When "transport input ssh" is configured, you should not be able to telnet to that box.

I have two assumptions here (I do not have a switch without k9 to test):

  1. The above command got removed because it's not valid without a crypto-image. And the default is that telnet is allowed.
  2. Perhaps "transport input ssh" was not set on all VTY lines.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card