SSH from a router

Can we initiate an SSH session from a cisco router or a switch to another device?
thanks in advance
Narayan

Hi,
routerA#ssh ?
-c Select encryption algorithm
-l Log in using this user name
-m Select HMAC algorithm
-o Specify options
-p Connect to this port
-v Specify SSH Protocol Version
WORD IP address or hostname of a remote system
routerA#ssh -v 1 -l admin routerB
Password:
routerB>exit
[Connection to routerB closed by foreign host]
routerA#
HTH
Andrea

Similar Messages

  • SSH from Cisco Router to another Cisco Router

    I believe I already know what the issue is but wanted to confirm.
    I recently changed the configuration of the routers so that all incoming SSH connections can only be done via the specified port:
    ip ssh port xxxx rotary 10
    created an ACL and everything works beautifully with Putty.  When I try to SSH from a router to another router it sits there and the ACL permits the connection but nothing happens.
    I use ssh -p xxxx NAME.
    I assume this is because of the cert not being recognized by the connecting router?

    Hi,
    I'm afraid you misunderstood the purpose of ip ssh port:
    To enable secure access to tty (asynchronous) lines, use the ip ssh port command in global configuration mode. To disable this functionality, use the no form of this command.
    ip ssh port por-tnum rotary group
    no ip ssh port por-tnum rotary group
    The result of your command
    ip ssh port xxxx rotary 10
    is, that incoming ssh sessions destined to your secret port xxxx will be forwarded to a vacant async interface belonging to rotary group 10. That is: anything you type into your ssh client will be sent out as an asynchronous character to the async interface to which the ssh session is connected to. Now I assume that you dont have
    What you might want to try is the command rotary which allows to put vty into a rotary group
    line vty 2 4
    rotary 10
    login local
    Rgds, MiKa
    Message was edited by: m.kafka (added line vty rotary)

  • It is possible ssh from a router to another, to its ipv6 link-local address?

    Hi 
    R1 and R2 are connected by serial links, with IPV6 address global unicast and link-local every link.
    I can do ping between them. When I do ping to link-local address next router, I need to specify outgoing interface, ping is succesful.
    However I can not do SSH v2 from a router to another to its link-local address. 
    OS R1 and R2: c2900-universalk9-mz.SPA.151-1.M4.bin 
    R1
    Serial0/3/0                [up/up]
        FE80::1
        2001:1200:CAFE:BEBA::1
    R2
    Serial0/3/0                [up/up]
        FE80::2
        2001:1200:CAFE:BEBA::2
    Thank you

    Hi Cesar, 
    you should be able to use "%source_itf" at the end of the target IPv6 LL address. 
    Example with telnet : 
    R1#ping FE80::302              
    Output Interface: Ethernet0/0                 
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to FE80::302, timeout is 2 seconds:
    Packet sent with a source address of FE80::301%Ethernet0/0
    Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
    R1#telnet FE80::302%Ethernet0/0
    Trying FE80::302 ... Open
    Password required, but none set
    [Connection to FE80::302%Ethernet0/0 closed by foreign host]
    R1#

  • Not able to ssh out from a router

    Hi All:
    I notices i can't not ssh out to another device from my router.
    SSH in from my client (putty) works fine.
    and not access-list attached to vty with out direction.
    transport output all
    I found this problem happened on my ASR1002 with "asr1000rp1-adventerprisek9.03.03.01.S.151-2.S1.bin" and my 2921 router with "c2900-universalk9-mz.SPA.151-4.M2.bin",  but it works fine on 7200  with "c7200-advipservicesk9-mz.151-4.M.bin". and my old router 28/18 with 12.4 ios work fine as well.
    The symptom is:
    BMP-2921-R01#ssh -l jason 1.1.1.1
    % Connections to that host not permitted from this terminal
    any idea? please help me out
    thanks

    Hi:
    Configuration:
    ip domain name xxx.com.sg
    ip ssh time-out 30
    ip ssh authentication-retries 2
    access-list 10 remark "SSH Access Restriction"    
    access-list 10 permit 123.49.101.6
    access-list 10 permit 10.168.2.213
    access-list 10 permit 10.168.4.219
    access-list 10 permit 10.168.4.217
    line vty 0 4
    session-timeout 15
    access-class 10 in
    exec-timeout 5 0
    privilege level 15
    logging synchronous
    transport input telnet ssh
    transport output all
    line vty 5 15
    no exec
    transport input none

  • How can I map SSH from an outside network range to an internal host (ASA 5505)

    Cisco Adaptive Security Appliance Software Version 7.2(4)
    Device Manager Version 5.2(4)
    - External network range that needs SSH access: 8.8.8.0/24
    - Outside interface: 10.1.10.2 (NAT'd from 7.7.7.7)
    - Inside Network: 192.168.100.0/24
    - Inside host to redirect external SSH to: 192.168.100.98
    Hi All,
    I have a Cisco ASA 5505 (version above) and I have someone that needs to SSH into a box behind the ASA. I'm having a few issues trying to configure this access-list and NAT. I've tried many combinations and clearly my IOS is not as good as I thought.
    Can anyone help with this? What commands should I enter to accomplish mapping SSH from an outside network range to an internal host?
    Many thanks,
    Tarran

    This may or may not work depending on how your modem handles the natting. On your firewall try this -
    static (inside,outside) tcp interface 22 192.168.100.98 22
    then add this to your acl on the outside interface of your ASA -
    access-list outside_in permit tcp 8.8.8.0 255.255.255.0 host 10.1.10.2 eq 22
    if you don't have an acl applied then add this extra step -
    access-group outside_in in interface outside
    Jon

  • Not able to ssh from one EC2 instance to another

    I was trying to work with Oracle AMIs on Amazon cloud (EC2 instances).
    1) Created 2 EC2 instances of an Oracle database AMI ( based on Oracle Enterprise Linux (OEL) 5)
    2) I have opened ports in my security group associated with these EC2 instances.
    i) TCP 22 (SSH) - 0.0.0.0/0 ( Everybody)
    ii) ICMP ALL - 10.0.0.0/8 ( To enable ping functionality)
    So i am able to ping successfully from one EC2 to another with the public DNS, but ssh hangs
    a) Login to EC2 instance #1 from my desktop - SUCCESS
    b) ssh public_ip_of_instance_2 22  (HANGS).....
    c) Login to EC2 instance #2 from my desktop - SUCCESS
    d) ssh public_ip_of_instance_1 22 (HANGS).....
    Any ideas ? I worked with a default UBUNTU ec2 instance in amazon (public AMIs) and i did not face any problem doing an ssh from one EC2 to another.
    Is there something inside OEL (Oracle Enterprise Linux) that locks down ssh on port 22 from one instance to another ?
    Any ideas ?

    Hi All,
    I could solve it myself. Thanks for the time.
    The problem was I tried to navigate directly from the component ''BT125H_TASK' to the component 'CRMCMP_CMG', as I could not find any parent for BT125H_TASK earlier.
    Now I could find its parent component which is 'BT110M_ACT'.
    The outbound plug created in the task component has to be added to the component usage of 'BT110M_ACT' and the delegation should be done. The other things are the same. It works fine.
    Regards
    Vidhya

  • How to read data from a router by using labview

    I am a  beginner labview. How to read data from a router by using labview ? 

    What kind of data are you trying to read?
    Does the router behave like a webserver that you log into?  If so, search the forums for threads discussing HTML.

  • SSH from solaris 10 to RHEL 5

    Hi,
    I want to do passwordless ssh from solaris VM to linux server.
    Kindly tell me the complete steps.

    On the machine attached to the screen in front of you:
    <pre>
    mkdir -p ~/.ssh
    chmod 700 ~/.ssh
    rm -f ~/.ssh/id_dsa
    ssh-keygen -t dsa -N "" -f ~/.ssh/id_dsa
    ssh username@remote_host "mkdir -p .ssh; chmod 700 .ssh"
    ssh username@remote_host "echo "$KEY" >> .ssh/authorized_keys; chmod 644 .ssh/authorized_keys"
    ssh username@remote_host
    (should log you right in without prompting for password)
    </pre>

  • Can I use an AE as a Bridge allowing me to hardwire my iMac and offer a wifi to my MacBook? The Ethernet in my office is hard wired but does come in from a router on the other end of the building that has a wifi that cant reach my office...

    Can I use an AE as a Bridge allowing me to hardwire my iMac and offer a wifi to my MacBook? The Ethernet in my office is hard wired but does come in from a router on the other end of the building that has a wifi that cant reach my office...

    Thanks, I thought so but wanted to be sure before running out and buying one...  I also called Apple Joint Venture and they helped me set it up without the Airport by using my iMac as the wifi!  Thanks again!

  • My 4s continues to lose wi-fi and reverts to 3G even when the phone is 4 ft from the router.

    My 4s continues to lose wi-fi and reverts to 3G even when the phone is 4 ft from the router. Is this a defect in my phone? It happens when I am home and I switch to my wi-fi. It doesn't matter where the phone is in relation to the router. Please note, I have my phone set to NOT sleep. Does any one know why my phone reverts to 3G? I have to manually set it to wi-fi every time this happens.

    I have the same issue with my iPhone 4s. It was not an issue when I was using iOS5, but it started once I upgraded to iOS6 and the recent update of iOS6.0.1 did not fix it. Judging from the release notes, Apple thinks this is only an iPhone 5 issue, as they say they fixed it for iPhone 5's.
    I have an iPad 2 (iOS6.0.1) and a 3rd generation iPod touch (latest iOS5 release), as well as an Apple TV 2. None of the other devices have this problem and they are all on the same network.
    Something interesting... my iPhone 4s works fine on the wifi where I work. At home, it continually turns on and off. My home network is using a Netgear router (WNDR3400) and the iPhone is connecting to it using WPA2+PSK protocol. Hopefully, this information can help Apple figure out the problem.
    (I remember my iPod Touch having a similar issue a few years ago with iOS 4, when I had a different Netgear router using the same security protocol. I think iOS 5 fixed it for the iPod Touch... I wonder if some Apple products have an issue with Netgear Routers using that encryption.)

  • Re: WRT350N ----- Very poor Wireless signal strength from my router

    I have a WRT350N router.  I had it for a year now.   In the begining the Wireless Signal strenth was good. 
    I used to get 4-5 bars in my bed room which is about 10 meters from the router. 
    Now I have my laptop sitting 1 feet away from the router and I get only 1 bar.
    I upgraded my firmware.  I rebooted my router a few times still no luck.
    Current Firmware Version:  v1.04.4 build 003 Jul. 14, 2008
    Can any one tell me whats the problem. More importantly can some one help me resolve this problem.
    Thanks
    Sunny

    As you upgraded the router's firmware,I would suggest you to reset the router for 30 seconds and reconfigure it from the scratch, as it is advisable to reset the router after upgrading the router's firmware.
    On the router's setup page,Under Wireless tab..Give unique name in the Wireless Network Name (SSID). Change the Radio Band to Standard-20MHz and change the Standard channel to 11-2.462GHz... Under the Advance Wireless tab,change the Beacon Interval to 75 and click on save settings.... Now,check.

  • Dialogue failure from ICM Router send 404

    Hi,
    It is a fresh installation of ucce 9.0(3) with CVP 9.0
    I am using sip comprehensive model (without SIP proxy).
    After I have finished the installation, all the pims are active and the same for the call server and vxml server.
    For some reason, the call is reaching the icm script then disconnected.
    the logs collected from the Call server:
    2202: 10.15.19.21: Jun 11 2013 03:20:54.544 +0300: %CVP_9_0_Infrastructure-2-HEARTBEATS_STOPPED:  Heartbeats from RPT1 stopped.  Unilaterally setting state to PARTIAL_SERVICE.  Sending update. [id:1011]
    159: 10.15.19.21: Jun 11 2013 11:33:28.567 +0300: %CVP_9_0_SIP-3-SIP_CALL_ERROR:  CALLGUID = 8041B895D8E0611B41004501C0A879C3 LEGID = 6CD52037-D1A811E2-B9BB90EF-14EB87BB - [INBOUND] - DIALOGUE_FAILURE from ICM Router sends 404 rejection to call. errorcode=5 [id:5004]
    162: 10.15.19.21: Jun 11 2013 11:33:28.567 +0300: %CVP_9_0_SIP-3-SIP_CALL_ERROR:  CALLGUID = 8041B895D8E0611B41004501C0A879C3 LEGID = 6CD52037-D1A811E2-B9BB90EF-14EB87BB - [INBOUND] - ABNORMALLY ENDING - SIP code [404], Reason Hdr [SIP;cause=404] Not Found, GW call using SURV TCL flag [false], NON NORMAL flag [true], DNIS [8555], ANI [8038] with AGE (msecs) 47 and Call History :  [id:5004]
    Thanks in advance,
    George

    Please attach the complete rtr and call servr logs.
    Also check
    PG Explorer - CUCM PIM Advanced - Network VRU - NONE
    PG Explorer - CVP PIM Advanced - Network VRU - Type 10 your CVP

  • How can i get the MAC of the users from my router?

    Hi I need to get the MAC of the users from my router, but without go its web page. I have to make a program to get that list since a computer desktop wich will be periodically sensing my router. I appreciate your help thanks.

    Have you tried psexec? it's a command prompt utility that executes program on the remote computer.
    For example: PC1 (192.168.1.2) to PC2 (192.168.1.3)
    In the command prompt window on PC1, type psexec \\192.168.1.3 ipconfig /all
    Then get the MAC address

  • SSH from work machine to home machine is very slow to connect

    If I try to SSH to my home computer (using its domain name or IP) from any computer on my office's network I get very long delays (using the -vv flag to debug). But if I SSH to my home machine from a computer outside of my office's network my home machine responds fine, no delays. And I can SSH from my office's network to any other remote machine no problem. It's only my home machine that is experiencing delays. I should add that I can AFP/VNC connect from my office to my home without issues either, this ONLY affects SSH connections.
    Here's the output from the initial SSH attempt from my office to my home machine (I've made the info anonymous):
    OpenSSH_5.1p1, OpenSSL 0.9.7l 28 Sep 2006
    debug1: Reading configuration data /etc/ssh_config
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to domain.com [XX.XX.XXX.XXX] port 22.
    debug1: Connection established.
    debug1: identity file /Users/username/.ssh/identity type -1
    debug1: identity file /Users/username/.ssh/id_rsa type -1
    debug1: identity file /Users/username/.ssh/id_dsa type -1
    Here is waits about 60 seconds before the next output.
    In researching this it seems like it could be DNS issue? Any help would be appreciated. It's driving me crazy.

    Well, I spent long time with Apple Phone support, they made me delete the library, move some iTunes file from Library folder on my MBP but that didn't help.
    I also did reset my Apple TV, and did all the settings again. No change.
    I read somewhere on this forum itself I think to remove "Share my Library on local network" option from iTunes preferences, under sharing. As per the suggestion, this is an old option, and when you have home sharing on, you don't need this to be checked. More over it causes sharing to be slow. So after I unchecked it, I ATV3 and my MBP on for about an hour, and when I came back, it was all just perfect!

  • SSH from service processor to host os (Solaris 10) on V20z?

    Hi all,
    when I try to ssh from the service console to the host os, which is Solaris 10, I get the error message:
    /etc/ssh/ssh_config line 19: garbage at end of line; "1".
    Any ideas?
    Thanks

    Seems like there is something wrong in the ssh_config file, most likely on line 19, you should have a look on that line and see what it says..

Maybe you are looking for