Software Configuration Guide
Page 10
...Authorization 9-32 Configuring the Switch for Secure Shell 9-33 Understanding SSH 9-33 SSH Servers, Integrated Clients, and Supported Versions 9-33 Limitations 9-34 Configuring SSH 9-34 Configuration Guidelines 9-34 Cryptographic Software Image Guidelines 9-35 Setting Up the Switch to Run SSH 9-35 Configuring the SSH Server 9-36 Displaying the SSH Configuration and Status 9-37... 10-9 802.1x Configuration Guidelines 10-10 Upgrading from a Previous Software Release 10-11 Enabling 802.1x Authentication 10-11 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide x 78-11380-10
...Authorization 9-32 Configuring the Switch for Secure Shell 9-33 Understanding SSH 9-33 SSH Servers, Integrated Clients, and Supported Versions 9-33 Limitations 9-34 Configuring SSH 9-34 Configuration Guidelines 9-34 Cryptographic Software Image Guidelines 9-35 Setting Up the Switch to Run SSH 9-35 Configuring the SSH Server 9-36 Displaying the SSH Configuration and Status 9-37... 10-9 802.1x Configuration Guidelines 10-10 Upgrading from a Previous Software Release 10-11 Enabling 802.1x Authentication 10-11 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide x 78-11380-10
Software Configuration Guide
Page 38
...Cisco devices on the network • Network Time Protocol (NTP) for providing a consistent time stamp to all Ethernet ports for detecting and disabling unidirectional links on the Catalyst 2955 switch) • Address Resolution Protocol (ARP) for identifying a switch...(SSH) connections for multiple CLI-based sessions over the network (only available in flash memory to ensure that the switch can be connected to a network and can forward traffic with the EI) • Cisco ... cross-stack Gigabit uplinks Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 1-4 78-11380-10
...Cisco devices on the network • Network Time Protocol (NTP) for providing a consistent time stamp to all Ethernet ports for detecting and disabling unidirectional links on the Catalyst 2955 switch) • Address Resolution Protocol (ARP) for identifying a switch...(SSH) connections for multiple CLI-based sessions over the network (only available in flash memory to ensure that the switch can be connected to a network and can forward traffic with the EI) • Cisco ... cross-stack Gigabit uplinks Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 1-4 78-11380-10
Software Configuration Guide
Page 42
... Interface." • IE2100-Cisco Intelligence Engine 2100 Series Configuration Registrar is a network management device that is running platforms such as Netscape Communicator or Microsoft Internet Explorer. You can configure and monitor the switch and switch cluster members from anywhere in your network through its various management interfaces. Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 1-8 78...
... Interface." • IE2100-Cisco Intelligence Engine 2100 Series Configuration Registrar is a network management device that is running platforms such as Netscape Communicator or Microsoft Internet Explorer. You can configure and monitor the switch and switch cluster members from anywhere in your network through its various management interfaces. Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 1-8 78...
Software Configuration Guide
Page 65
... configured for Secure Shell" section on the management station. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-9 For information about recalling previous command entries, see the "Configuring the Switch for this functionality, enter a show or more information, see . This ... a Telnet Password for show and more Commands Use line wrapping with the Telnet or SSH client, and the switch must have an enable secret password configured. The switch supports up to 16 simultaneous Telnet sessions. This is already configured, you need to connect...
... configured for Secure Shell" section on the management station. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 2-9 For information about recalling previous command entries, see the "Configuring the Switch for this functionality, enter a show or more information, see . This ... a Telnet Password for show and more Commands Use line wrapping with the Telnet or SSH client, and the switch must have an enable secret password configured. The switch supports up to 16 simultaneous Telnet sessions. This is already configured, you need to connect...
Software Configuration Guide
Page 192
... method lists for TACACS+ authentication. CONTINUE-The user is established, the switch contacts the TACACS+ daemon to obtain a username prompt to show to a switch by authenticating to the user. Telnet, Secure Shell (SSH), rlogin, or privileged EXEC services - A method list defines the sequence... can be used to authenticate, to authorize, or to keep accounts on the TACACS+ daemon. - If the switch is exhausted. 9-12 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 Users must identify the host or hosts maintaining the TACACS+ daemon and define the...
... method lists for TACACS+ authentication. CONTINUE-The user is established, the switch contacts the TACACS+ daemon to obtain a username prompt to show to a switch by authenticating to the user. Telnet, Secure Shell (SSH), rlogin, or privileged EXEC services - A method list defines the sequence... can be used to authenticate, to authorize, or to keep accounts on the TACACS+ daemon. - If the switch is exhausted. 9-12 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 Users must identify the host or hosts maintaining the TACACS+ daemon and define the...
Software Configuration Guide
Page 199
...Figure 9-2 Transitioning from the RADIUS server: a. The user receives one service model. Chapter 9 Configuring Switch-Based Authentication Controlling Switch Access with RADIUS RADIUS is enabled. The username and encrypted password are sent over the network to select...Cisco device if the non-Cisco device requires authentication. • Networks using a variety of these items: • Telnet, SSH, rlogin, or privileged EXEC services • Connection parameters, including the host or client IP address, access list, and user timeouts 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch...
...Figure 9-2 Transitioning from the RADIUS server: a. The user receives one service model. Chapter 9 Configuring Switch-Based Authentication Controlling Switch Access with RADIUS RADIUS is enabled. The username and encrypted password are sent over the network to select...Cisco device if the non-Cisco device requires authentication. • Networks using a variety of these items: • Telnet, SSH, rlogin, or privileged EXEC services • Connection parameters, including the host or client IP address, access list, and user timeouts 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch...
Software Configuration Guide
Page 213
... password-based user authentication. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 9-33 The SSH client also works with the SSH server supported in this section, refer to configure the Secure Shell (SSH) feature. Chapter 9 Configuring Switch-Based Authentication Configuring the Switch for Secure Shell Configuring the Switch for Secure Shell This section describes how to...
... password-based user authentication. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 9-33 The SSH client also works with the SSH server supported in this section, refer to configure the Secure Shell (SSH) feature. Chapter 9 Configuring Switch-Based Authentication Configuring the Switch for Secure Shell Configuring the Switch for Secure Shell This section describes how to...
Software Configuration Guide
Page 214
... domain specified" might appear. Limitations These limitations apply to Run SSH, page 9-35 (required) • Configuring the SSH Server, page 9-36 (required only if you are supported only on the console. 9-34 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 Configuring the Switch for Local Authentication and Authorization" section on page 9-35. •...
... domain specified" might appear. Limitations These limitations apply to Run SSH, page 9-35 (required) • Configuring the SSH Server, page 9-36 (required only if you are supported only on the console. 9-34 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 Configuring the Switch for Local Authentication and Authorization" section on page 9-35. •...
Software Configuration Guide
Page 215
... non-LRE Catalyst 2950 switches: The SSH feature uses a large amount of switch memory, which automatically enables SSH. Download the cryptographic software image from Cisco.com. For more information, see the "Configuring the Switch for Local Authentication and Authorization" section on the switch must meet this release. 2. Beginning in the configuration file. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration...
... non-LRE Catalyst 2950 switches: The SSH feature uses a large amount of switch memory, which automatically enables SSH. Download the cryptographic software image from Cisco.com. For more information, see the "Configuring the Switch for Local Authentication and Authorization" section on the switch must meet this release. 2. Beginning in the configuration file. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration...
Software Configuration Guide
Page 216
... Authentication To delete the RSA key pair, use the no ip ssh {timeout | authentication-retries} global configuration command. 9-36 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 After the execution shell starts, the CLI-based session time-out value returns to the default of 10 minutes. ...
... Authentication To delete the RSA key pair, use the no ip ssh {timeout | authentication-retries} global configuration command. 9-36 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10 After the execution shell starts, the CLI-based session time-out value returns to the default of 10 minutes. ...
Software Configuration Guide
Page 217
....2, at this URL: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_r/fothercr/ srfssh.htm. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 9-37 Shows the status of the SSH server. Chapter 9 Configuring Switch-Based Authentication Configuring the Switch for Secure Shell Displaying the SSH Configuration and Status To display the...
....2, at this URL: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_r/fothercr/ srfssh.htm. 78-11380-10 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 9-37 Shows the status of the SSH server. Chapter 9 Configuring Switch-Based Authentication Configuring the Switch for Secure Shell Displaying the SSH Configuration and Status To display the...
Software Configuration Guide
Page 701
..., saving 5-11 S SC (standby command switch) 7-11, 7-21 scheduled reloads 5-16 secure ports, configuring 22-7 secure remote connections 9-33 Secure Shell See SSH security, port 22-7 sequence numbers in log...signal to noise ratio 13-16 Simple Network Management Protocol See SNMP Smartports macros applying Cisco-default macros 12-6 applying global parameter values 12-5, 12-6 applying macros 12-5 applying...strings configuring 28-7 for cluster switches 28-4 overview 28-4 configuration examples 28-15 default configuration 28-6 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide IN-25
..., saving 5-11 S SC (standby command switch) 7-11, 7-21 scheduled reloads 5-16 secure ports, configuring 22-7 secure remote connections 9-33 Secure Shell See SSH security, port 22-7 sequence numbers in log...signal to noise ratio 13-16 Simple Network Management Protocol See SNMP Smartports macros applying Cisco-default macros 12-6 applying global parameter values 12-5, 12-6 applying macros 12-5 applying...strings configuring 28-7 for cluster switches 28-4 overview 28-4 configuration examples 28-15 default configuration 28-6 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide IN-25
Software Configuration Guide
Page 702
...-3 spanning tree and native VLANs 17-17 Spanning Tree Protocol See STP speed configuring on interfaces 11-10 setting on CPE devices 13-11 SSH configuring 9-34 cryptographic software image 9-33 described 9-33 encryption methods 9-33 user authentication methods, supported 9-34 IN-26 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10
...-3 spanning tree and native VLANs 17-17 Spanning Tree Protocol See STP speed configuring on interfaces 11-10 setting on CPE devices 13-11 SSH configuring 9-34 cryptographic software image 9-33 described 9-33 encryption methods 9-33 user authentication methods, supported 9-34 IN-26 Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-10