EasyManuals Logo

Cisco WS-C6506 User Manual

Cisco WS-C6506
1488 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #589 background imageLoading...
Page #589 background image
20-13
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 20 Checking Status and Connectivity
Using Secure Shell Encryption for Telnet Sessions
Note If you are using Kerberos to authenticate connections to the switch, you will not be able to use Secure
Shell encryption.
Note Catalyst 6500 series software release 8.7(1) supports SSH keyboard interactive authentication methods
such as S/KEY, one-time-pads, hardware tokens that print a number or string, and other legacy
authentication methods with RADIUS and TACACS servers. For SSH keyboard interactive
authentication to work, ensure that the Apply password change rule checkbox is checked on the
Authentication Server Group Setup page on the RADIUS/TACACS server. The keyboard interactive
authentication method works only with SSH V2 and the blank password mechanism is supported only
with TACACS authentication.
To enable Secure Shell encryption on the switch, perform this task in privileged mode:
This example shows how to create the RSA host key:
Console> (enable) set crypto key rsa 1024
Generating RSA keys.... [OK]
Console> (enable) set ssh mode v2
SSH protocol mode set to SSHv2 Only.
Console> (enable) show ssh
Session Protocol Cipher State PID Userid Host
------- -------- ------ ----- --- -------- -----
0 V2 3DES SESSION_OPEN 146 dkoya 171.69.66.45
1 V1 3DES SESSION_OPEN 147 - dove.cisco.com
SSH server mode : V1 and V2
Console> (enable)
The nbits value specifies the RSA key size. The valid key size range is from 512–2048 bits. For SSH
version 2, the minimum recommended key size is 768 bits. A key size with a larger number provides higher
security but takes longer to generate.
You can enter the optional force keyword to regenerate the keys and suppress the warning prompt of
overwriting existing keys.
Task Command
Step 1
Create the RSA host key. set crypto key rsa nbits [force]
Step 2
Set the SSH version.
Note If you do not specify the
v1 or the v2 keyword,
SSH operates in
compatibility mode.
set ssh mode {v1 | v2}
Step 3
Clear the SSH mode
configuration.
clear ssh mode
Step 4
Display the SSH configuration
information.
show ssh

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco WS-C6506 and is the answer not in the manual?

Cisco WS-C6506 Specifications

General IconGeneral
BrandCisco
ModelWS-C6506
CategorySwitch
LanguageEnglish

Related product manuals