This parameter applies to the SSH negotiation phase. Specify the time-out value in seconds the default is 120 seconds. Ip ssh Įxample: Switch(config)# ip ssh timeout 90 authentication-retries 2 For example, if the SSH client supports SSHv1 and SSHv2, the SSH server selects SSHv2. If you do not enter this command or do not specify a keyword, the SSH server selects the latest SSH version supported by the SSH client.
Generating an RSA key pair for the switch automatically enables SSH. Noteįollow this procedure only if you are configuring the switch as an SSH server.Įxample: Switch(config)# ip domain-name your_domainĬonfigures a host domain for your switch.Įxample: Switch(config)# crypto key generate rsaĮnables the SSH server for local and remote authentication on the switch and generates an RSA key pair. SUMMARY STEPSĮxample: Switch(config)# hostname your_hostnameĬonfigures a hostname and IP domain name for your switch.
For more information, see Related Topics below. When configuring the local authentication and authorization authentication method, make sure that AAA is disabled on the console.Ĭonfigure user authentication for local or remote access. If itĭoes, you must configure an IP domain name by using the ipĭomain-name global configuration command. When generating the RSA key pair, the message No domain specified might appear. It does, you must configure a hostname by using the When generating the RSA key pair, the message No host name specified might appear. Reconfigure the hostname and domain, and then enter the crypto Rsa global configuration command, an RSA key pair has not been If you get CLI error messages after entering the crypto key generate
If the SSH server is running on a stack master and the stack master fails, the new stack master uses the RSA key pair generated by the previous stack master. Follow these guidelines when configuring the switch as an SSH server or SSH client:Īn RSA key pair generated by a SSHv1 server can be used by an SSHv2 server, and the reverse.
0 kommentar(er)
