Cisco 2511 and SSH (IOS 12.2)

Discussion in 'Cisco' started by ccannick, Mar 11, 2006.

  1. ccannick

    ccannick Guest

    We're using a 2511 as a console server to a rack of servers in our data
    closet. Telnetting into any server console port has been simple and
    straight-forward. I upgraded IOS to IOS 12.2 in order to use ssh to
    encrypt our console sessions.

    SSH connecting to the 2511 works fine. However I am now unable to
    connect to any of the consoles connnected to the system. Even though I
    specified a no login on all the async lines, I am prompted with a login
    when I attempt to connect to a port and, after entering a userame and
    password, everything hangs.

    I haven't found any documentation of this problem yet and nothing seems
    to be amiss in my configuration.

    I'd appreciate any ideas anyone may have on this. I'm new to ssh on


    ccannick, Mar 11, 2006
    1. Advertisements

  2. ccannick

    Merv Guest

    post your current config
    Merv, Mar 12, 2006
    1. Advertisements

  3. ccannick

    Merv Guest

    Merv, Mar 12, 2006
  4. ccannick

    ccannick Guest

    I'm running version 122-29 and terminal access is available.

    However, after enabling SSH, terminal access to my Sun servers stopped.
    Only on my Suns, though. It was working correctly under telnet.

    The only clue I have is that I'm prompted to login when telnetting to a
    port even from inside the 2511.

    My config shows no login set. I used a no login for all lines but it
    doesn't show up in the config:


    line con 0
    line 1 16
    modem InOut
    terminal-type vt100
    no exec
    transport preferred telnet
    transport input telnet
    transport output telnet
    telnet speed 9600 9600
    stopbits 1
    line aux 0
    transport input all
    line vty 0 4
    password 7 13270E544D2E50
    transport input telnet ssh

    Shouldn't I see a line in the config that says 'no login'?
    ccannick, Mar 15, 2006
  5. ccannick


    Try making the following modification to the config and see if that

    line 1 16
    transport input telnet ssh
    transport output telnet ssh

    Cisco da Gama
    , Mar 15, 2006
  6. ccannick

    Merv Guest

    Add SSH Terminal-Line Access

    If you need outbound SSH terminal-line authentication, you can
    configure and test SSH for outbound reverse Telnets through Carter,
    which acts as a comm server to Philly.

    Cisco docs saying the following must be configured for SSH terminal

    ip ssh port 2001 rotary 1

    line 1 16
    no exec
    rotary 1
    transport input ssh
    exec-timeout 0 0
    Merv, Mar 15, 2006
  7. ccannick


    ccannick wrote:

    > Shouldn't I see a line in the config that says 'no login'?

    Since "no login" is the default for tty lines, it will not show up in
    the configuration. This is standard practice for IOS for all commands;
    default commands are not shown in the configuration.

    Cisco da Gama
    , Mar 15, 2006
  8. ccannick

    ccannick Guest

    The port option doesn't appear to be available:

    jansky(config)#ip ssh ?
    authentication-retries Specify number of authentication retries
    time-out Specify SSH time-out interval

    Also,since I can successfully connect to other device consoles from
    this router, ip ssh port can't be necessary.
    ccannick, Mar 15, 2006
  9. ccannick

    Merv Guest

    Just to clarify, you can ssh to the box and then connect to some device
    console but not to any Sun servers consoles, is that the situation ?
    Merv, Mar 15, 2006
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Brad B.
    Brad B.
    Jul 9, 2003
  2. Axel Bauer
    Johnny Routin
    May 5, 2004
  3. David Smith
    David Smith
    May 30, 2004
  4. Replies:
  5. Mike Rahl
    May 30, 2007