From: Joe Yohannan (joe1265@hotmail.com)
Date: Fri Feb 16 2007 - 12:19:42 ART
Jo,
Two things: First the below config is missing a key item, you have to
generate the crypto keys after configuring your hostname and domain name:
crypto key generate rsa general-keys modulus 1024
Also, under you line config you are using no login to get in. If you'd like
to use the username you configured either use "login local" or config aaa
config and apply it to the line.
- Joe Yo
>From: "Jo Johnson" <groupstudyjo@gmail.com>
>Reply-To: "Jo Johnson" <groupstudyjo@gmail.com>
>To: "Cisco certification" <ccielab@groupstudy.com>
>Subject: configuring ssh
>Date: Fri, 16 Feb 2007 10:13:26 -0500
>
>Hi all,
>
>Can someone give me some feedback on my configuration below. I am trying
>to
>configure ssh and having some trouble understanding the doc cd's
>explanation.
>
>If I want to configure ssh on a device and restrict telnet access, I think
>I would use the below configuration. Also, what if I wanted to restrict
>other access, such as the global config mode, enable mode, etc:
>
>hostname R1
>
>ip domain-name cisco.com
>
>ip ssh version 2
>
>username ccie password cisco
>
>access-list 2 permit 130.10.22.0
>
>line vty 0 4
>
> access-class 2 in
>
> no login
>
> transport input ssh
>
>line vty 5 15
>
> access-class 2 in
>
> no login
>
> transport input ssh
>
>
>
>
>
>To configure both version 1 and 2 use the, no ip ssh version command and
>for
>version 1 only, ip ssh version 1 command.
>
>
>
>Thanks,
>
>Jo
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:46 ART