GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: SSH behaving like what it sounds like [7:97164] posted 02/25/2005
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Darn it, GroupStudy filtered out my response. I was trying to say that the
username is iluvfabio, and the password is routergod. :)

>>> John Neiberger 2/25/05 3:40:57 PM >>>
:)

>>> Priscilla Oppenheimer 2/25/05 3:30:19 PM >>>
Oh, and a username and password (which I won't tell you. :-)

Thanks for your help everyone.

Priscilla


Priscilla Oppenheimer wrote:
> 
> Worked like a charm when I tried it. I don't know why there
> were problems earlier.
> 
> Here's all it took
> 
> ip domain name csia.sou.edu
> !         
> ip ssh time-out 60
> ip ssh authentication-retries 2
> !
> line vty 0 4
>  login local
>  transport input ssh
> 
> crypto key gen rsa
> 
> Thanks everyone,
> 
> Priscilla
> 
> 
> jnemeth@xxxxxxxxxxxxxx (John Nemeth) wrote:
> > 
> > On Jul 18,  7:20am, "Priscilla Oppenheimer" wrote:
> > } John Neiberger wrote:
> > } > >>> Priscilla Oppenheimer 2/25/05 10:29:06 AM
> > } > >So we finally got an IOS that does Secure Shell (wouldn't
> > you think all
> > } > >versions would do it!?!) and now we're having a hard time
> > getting it to
> > } > >work.
> > } > >
> > } > >The examples in the 12.3 docs only talk about SSH on the
> > console line.
> > } >
> > }
> >
>
>http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fse


> > } > cur_c/fothersf/scfssh.htm 
> > } > >
> > } > >We want to allow it via VTY of course.
> > } > >
> > } > >Any configuration snippets you could share? Thanks,
> > } > 
> > } > All that's necessary to get SSH to work is to configure a
> > host name and
> > } > domain name, generate your crypto keys, and then allow SSH
> > as a transport on
> > } > the line in question. In your case, that would look like
> > this:
> > } > 
> > } > hostname po-router
> > } > !
> > } > ip domain-name po-is-cool
> > } > !
> > } > line vty 0 4
> > } >  transport input ssh
> > } > !
> > } > crypto key gen rsa
> > } > 
> > } > And that's about it!
> > } 
> > } Cute. Thanks, John. So, do we also need a username and
> > password?
> > 
> >      Yes.  You need to get it them from somewhere, whether it
> > be local,
> > RADIUS, TACACS, or whatever.  Doing it locally on the router
> is
> > probably easiest since you probably don't have an
> > authentication server
> > in the classroom.  Here's your sample config:
> > 
> > username xxx password yyy
> > !
> > line vty 0 4
> >  line local
> > !
> > 
> > Note that with IOS 12.3 for more security you can also do:
> > 
> > username xxx secret zzz
> > 
> > secret can't be used for passwords that are used for logging
> > into other
> > systems, since the router must be able to "decrypt" the
> > password in
> > order to send it to the remote system.
> > 
> > }-- End of excerpt from "Priscilla Oppenheimer"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=97186&t=97164
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html