Software Guide
Page 8
... and Authorization 8-32 Configuring the Switch for Secure Shell 8-33 Understanding SSH 8-33 SSH Servers, Integrated Clients, and Supported Versions 8-33 Limitations 8-34 Configuring SSH 8-34 Configuration Guidelines 8-34 Setting Up the Switch to Run SSH 8-35 Configuring the SSH Server 8-36 Displaying the SSH Configuration and Status 8-37 Configuring the Switch for Secure Socket Layer...
... and Authorization 8-32 Configuring the Switch for Secure Shell 8-33 Understanding SSH 8-33 SSH Servers, Integrated Clients, and Supported Versions 8-33 Limitations 8-34 Configuring SSH 8-34 Configuration Guidelines 8-34 Setting Up the Switch to Run SSH 8-35 Configuring the SSH Server 8-36 Displaying the SSH Configuration and Status 8-37 Configuring the Switch for Secure Socket Layer...
Software Guide
Page 37
...simultaneous Telnet connections for multiple CLI-based sessions over the network • In-band management access for up to five simultaneous, encrypted Secure Shell (SSH) connections for multiple CLI-based sessions over the network (requires the cryptographic version of the software) • In-band management access through SNMP Versions...requires the cryptographic version of the software) • Configuration replacement and rollback to replace the running configuration on a switch with any saved Cisco IOS configuration file OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 1-5
...simultaneous Telnet connections for multiple CLI-based sessions over the network • In-band management access for up to five simultaneous, encrypted Secure Shell (SSH) connections for multiple CLI-based sessions over the network (requires the cryptographic version of the software) • In-band management access through SNMP Versions...requires the cryptographic version of the software) • Configuration replacement and rollback to replace the running configuration on a switch with any saved Cisco IOS configuration file OL-8603-04 Catalyst 2960 Switch Software Configuration Guide 1-5
Software Guide
Page 60
... Connect the switch console port to the switch console port and power on page 8-6. For information about connecting to five simultaneous secure SSH sessions. The switch supports up to see the switch getting started guide or hardware installation guide. • Use any Telnet TCP/IP...first be configured for this functionality, enter a show and more command followed by using the browser. For information about configuring the switch for SSH, see the "Configuring the Switch for assigning IP information, see the "Setting a Telnet Password for a Terminal Line" section on the ...
... Connect the switch console port to the switch console port and power on page 8-6. For information about connecting to five simultaneous secure SSH sessions. The switch supports up to see the switch getting started guide or hardware installation guide. • Use any Telnet TCP/IP...first be configured for this functionality, enter a show and more command followed by using the browser. For information about configuring the switch for SSH, see the "Configuring the Switch for assigning IP information, see the "Setting a Telnet Password for a Terminal Line" section on the ...
Software Guide
Page 148
... one of attributes that direct the EXEC or NETWORK session for that user and the services that the user can access: • Telnet, Secure Shell (SSH), rlogin, or privileged EXEC services • Connection parameters, including the host or client IP address, access list, and user timeouts Configuring TACACS+ This section describes...
... one of attributes that direct the EXEC or NETWORK session for that user and the services that the user can access: • Telnet, Secure Shell (SSH), rlogin, or privileged EXEC services • Connection parameters, including the host or client IP address, access list, and user timeouts Configuring TACACS+ This section describes...
Software Guide
Page 155
... 86891 Workstation RADIUS Operation When a user attempts to log in and authenticate to a switch that is access controlled by a RADIUS server, these items: • Telnet, SSH, rlogin, or privileged EXEC services • Connection parameters, including the host or client IP address, access list, and user timeouts Configuring RADIUS This section describes...
... 86891 Workstation RADIUS Operation When a user attempts to log in and authenticate to a switch that is access controlled by a RADIUS server, these items: • Telnet, SSH, rlogin, or privileged EXEC services • Connection parameters, including the host or client IP address, access list, and user timeouts Configuring RADIUS This section describes...
Software Guide
Page 169
... the switch with the ip http authentication aaa global configuration command. These sections contain this release and with non-Cisco SSH clients. You can use an SSH client to connect to a device. To use this feature, you must install the cryptographic (encrypted) software image... complete syntax and usage information for the commands used in this URL: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_reference_book09186a 0080087e33.html Understanding SSH SSH is authenticated. Configuring the Switch for this release and the command reference for remote ...
... the switch with the ip http authentication aaa global configuration command. These sections contain this release and with non-Cisco SSH clients. You can use an SSH client to connect to a device. To use this feature, you must install the cryptographic (encrypted) software image... complete syntax and usage information for the commands used in this URL: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_reference_book09186a 0080087e33.html Understanding SSH SSH is authenticated. Configuring the Switch for this release and the command reference for remote ...
Software Guide
Page 170
... The switch supports an SSHv1 or an SSHv2 server. For more information, see the "Setting Up the Switch to Run SSH, page 8-35 (required) • Configuring the SSH Server, page 8-36 (required only if you are supported only on page 8-35. • When generating the RSA key...Encryption Standard (DES) encryption algorithm, the Triple DES (3DES) encryption algorithm, and password-based user authentication. SSH also supports these guidelines when configuring the switch as an SSH server or SSH client: • An RSA key pair generated by a SSHv1 server can be used by an SSHv2 server,...
... The switch supports an SSHv1 or an SSHv2 server. For more information, see the "Setting Up the Switch to Run SSH, page 8-35 (required) • Configuring the SSH Server, page 8-36 (required only if you are supported only on page 8-35. • When generating the RSA key...Encryption Standard (DES) encryption algorithm, the Triple DES (3DES) encryption algorithm, and password-based user authentication. SSH also supports these guidelines when configuring the switch as an SSH server or SSH client: • An RSA key pair generated by a SSHv1 server can be used by an SSHv2 server,...
Software Guide
Page 171
... for the switch. For more information, see the release notes for this procedure only if you are configuring the switch as an SSH server. Download the cryptographic software image from Cisco.com. When you generate RSA keys, you are prompted to generate an RSA key pair. Show the version and configuration information...
... for the switch. For more information, see the release notes for this procedure only if you are configuring the switch as an SSH server. Download the cryptographic software image from Cisco.com. When you generate RSA keys, you are prompted to generate an RSA key pair. Show the version and configuration information...
Software Guide
Page 172
...Specify the time-out value in the configuration file. Repeat this command or do not specify a keyword, the SSH server selects the latest SSH version supported by the SSH client. The range is 120 seconds. the range is 0 to 120 seconds. Show the status of the ... both parameters. (Optional) Configure the virtual terminal line settings. • Enter line configuration mode to the default SSH control parameters, use the no ip ssh {timeout | authentication-retries} global configuration command. 8-36 Catalyst 2960 Switch Software Configuration Guide OL-8603-04 For example...
...Specify the time-out value in the configuration file. Repeat this command or do not specify a keyword, the SSH server selects the latest SSH version supported by the SSH client. The range is 120 seconds. the range is 0 to 120 seconds. Show the status of the ... both parameters. (Optional) Configure the virtual terminal line settings. • Enter line configuration mode to the default SSH control parameters, use the no ip ssh {timeout | authentication-retries} global configuration command. 8-36 Catalyst 2960 Switch Software Configuration Guide OL-8603-04 For example...
Software Guide
Page 173
... Web browser. Chapter 8 Configuring Switch-Based Authentication Configuring the Switch for Secure Socket Layer HTTP Displaying the SSH Configuration and Status To display the SSH server configuration and status, use this release. You must be installed on your switch. For more of ...see the "Secure Shell Commands" section in the "Other Security Features" chapter of the Cisco IOS Security Command Reference, Cisco IOS Release 12.2, at this URL: http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a008015a4c6. For more information about the crypto image,...
... Web browser. Chapter 8 Configuring Switch-Based Authentication Configuring the Switch for Secure Socket Layer HTTP Displaying the SSH Configuration and Status To display the SSH server configuration and status, use this release. You must be installed on your switch. For more of ...see the "Secure Shell Commands" section in the "Other Security Features" chapter of the Cisco IOS Security Command Reference, Cisco IOS Release 12.2, at this URL: http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a008015a4c6. For more information about the crypto image,...
Software Guide
Page 179
This procedure assumes that you have previously configured a CA trustpoint on Secure Shell (SSH), an application and a protocol that provides a secure replacement for the Berkeley r-tools. If you should allow the server and client to be used for the ...
This procedure assumes that you have previously configured a CA trustpoint on Secure Shell (SSH), an application and a protocol that provides a secure replacement for the Berkeley r-tools. If you should allow the server and client to be used for the ...
Software Guide
Page 180
.../products_feature_guide09186a0080087b18 .html 8-44 Catalyst 2960 Switch Software Configuration Guide OL-8603-04 Because SSH also relies on AAA authentication, and SCP relies further on how to that of the Cisco IOS New Features, Cisco IOS Release 12.2, at this from a workstation. SCP also requires that SCP ...relies on SSH for security. This is necessary. • Before enabling SCP, you must enter ...
.../products_feature_guide09186a0080087b18 .html 8-44 Catalyst 2960 Switch Software Configuration Guide OL-8603-04 Because SSH also relies on AAA authentication, and SCP relies further on how to that of the Cisco IOS New Features, Cisco IOS Release 12.2, at this from a workstation. SCP also requires that SCP ...relies on SSH for security. This is necessary. • Before enabling SCP, you must enter ...
Software Guide
Page 575
... Applications over IPv4 transport • Cisco Discovery Protocol (CDP) support for IPv6 addresses For more information about managing these applications: • Ping, traceroute, Telnet, TFTP, and FTP • Secure Shell (SSH) over an IPv6 transport • HTTP server access over IPv6 transport • DNS ...resolver for AAAA over IPv6" section in the Cisco IOS IPv6 Configuration Library at system startup so that are not upgraded and ...
... Applications over IPv4 transport • Cisco Discovery Protocol (CDP) support for IPv6 addresses For more information about managing these applications: • Ping, traceroute, Telnet, TFTP, and FTP • Secure Shell (SSH) over an IPv6 transport • HTTP server access over IPv6 transport • DNS ...resolver for AAAA over IPv6" section in the Cisco IOS IPv6 Configuration Library at system startup so that are not upgraded and ...
Software Guide
Page 700
...-to-DSCP map for QoS 28-52 counters, clearing interface 10-19 crashinfo file 32-21 critical authentication, IEEE 802.1x 9-33 cryptographic software image SSH 8-33 SSL 8-37 CWDM SFPs 1-17 D daylight saving time 6-13 debugging enabling all system diagnostics 32-19 enabling for a specific feature 32-18 redirecting error...
...-to-DSCP map for QoS 28-52 counters, clearing interface 10-19 crashinfo file 32-21 critical authentication, IEEE 802.1x 9-33 cryptographic software image SSH 8-33 SSL 8-37 CWDM SFPs 1-17 D daylight saving time 6-13 debugging enabling all system diagnostics 32-19 enabling for a specific feature 32-18 redirecting error...
Software Guide
Page 720
Index Secure Shell See SSH Secure Socket Layer See SSL security, port 19-8 security features 1-7 sequence numbers in log messages 25-8 server mode, VTP 13-3 service-provider network, MSTP and ...-20 show running-config command interface description in 10-16 shutdown command on interfaces 10-19 Simple Network Management Protocol See SNMP Smartports macros applying Cisco-default macros 11-6 applying global parameter values 11-5, 11-6 applying macros 11-5 applying parameter values 11-5, 11-7 configuration guidelines 11-2 IN-26 Catalyst 2960 Switch...
Index Secure Shell See SSH Secure Socket Layer See SSL security, port 19-8 security features 1-7 sequence numbers in log messages 25-8 server mode, VTP 13-3 service-provider network, MSTP and ...-20 show running-config command interface description in 10-16 shutdown command on interfaces 10-19 Simple Network Management Protocol See SNMP Smartports macros applying Cisco-default macros 11-6 applying global parameter values 11-5, 11-6 applying macros 11-5 applying parameter values 11-5, 11-7 configuration guidelines 11-2 IN-26 Catalyst 2960 Switch...
Software Guide
Page 722
Index SSH configuring 8-34 cryptographic software image 8-33 described 1-5, 8-33 encryption methods 8-34 user authentication methods, supported 8-34 SSL configuration guidelines 8-40 configuring a secure HTTP client 8-43 ...
Index SSH configuring 8-34 cryptographic software image 8-33 described 1-5, 8-33 encryption methods 8-34 user authentication methods, supported 8-34 SSL configuration guidelines 8-40 configuring a secure HTTP client 8-43 ...