
ssh to/from various different cisco devices

littlejimm
Level 1

Hello all.

Just a simple question concerning connecting to remote devices using ssh. We have both Catalyst and Nexus equipment on the network, and something has been confusing me a little bit as far as remotely accessing them over ssh.

When connecting directly to the devices I have no issue, but when I'm already logged into a device and want to ssh directly to another device from that one is where it's getting confusing, I think.

While logged into a Catalyst switch/router I can:

"ssh {ip}" to connect to a remote Catalyst switch -or-

"ssh -l {username} {ip}" to connect to a remote Catalyst switch while using a predetermined username

How is this different when trying to connect from a Catalyst device to a Nexus device? Is it the exact same commands used in the same fashion? I ask because I've heard with the Nexus devices there is a use for the @ symbol when trying to connect to remote devices over ssh, or maybe I'm getting confused. When trying to connect from a Catalyst device into a Nexus device using a device-local username that exists on the Nexus, should I be using:

ssh -l {username}@{ip}?

or is it still:

ssh -l {username} {ip}

And is the whole {username}@{ip} something that I would only use when trying to ssh from a Nexus device into a Catalyst device?

Any help to understand where the {username}@{ip} is coming from would be greatly appreciated.

1 Reply

Mark Malone
VIP Alumni

Hey, it depends on the way your authentication server is set up and what it requests as the condition to access the device. You can connect by DNS name only, IP only, or username/mgmt. IP, etc. It's not the Cisco device that's pushing that syntax; it would be the RADIUS/TACACS server or the specific type of access you set.

Our NK devices, like all our other devices (IOS/IOS-XE etc.), are set to just access by their DNS name, but if DNS is down they can also be accessed by username/IP, bypassing DNS and just hitting the authentication server (TACACS) instead to give access. That would be one case where you would just use ssh mark@10.1.11.254 instead of ssh nk1-core, or you could just ssh direct to the mgmt. IP 10.1.11.254, etc.