SSH password

I have enabled remote login and when I try to ssh into my computer from another it requires a password and when I use my password assigned to the user, it doesn't work. Is there somewhere I have to enabled a remote password?

The ssh password is the same password you use to login directly on the machine itself. If it's not working then something else is amiss.
Are you sure, for example, that you're logging in using the appropriate username? If your account on your machine is 'bob', but you're coming from a remote machine where you're logged in as 'joe' then, by default, it will try to authenticate you as 'joe' in which case the password likely wouldn't match.
Without knowing more about how you're logging in it's hard to be more specific.

Similar Messages

Prompting for passwords even i configured ssh password less authentication

There are two servers :
1. Site
2. Testing
from site server i want to connect testing server with ssh password less authentication.
i generated public and private keys with ssh-keygen -t rsa on site server.
cat id_rsa >> authorized_keys
cat id_rsa.pub >> authorized_keys
i appended id_rsa.pub ( public key site server ) to authorized_keys ( testing server ) with below command .
ssh [email protected] "cat >> ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub
am i missing some point in performing procedure for ssh password less authentication ?
because it prompts for passwords agaian and again
Edited by: user13376823 on Oct 9, 2012 9:30 AM

user13376823 wrote:
There are two servers :
1. Site
2. Testing
from site server i want to connect testing server with ssh password less authentication.
i generated public and private keys with ssh-keygen -t rsa on site server.
cat id_rsa >> authorized_keys
cat id_rsa.pub >> authorized_keysI don't think you should be doing this. I can't see the point of adding the private key and adding the public key means the "Site" can ssh to itself without needing a password!
>
i appended id_rsa.pub ( public key site server ) to authorized_keys ( testing server ) with below command .
ssh [email protected] "cat >> ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub
I would expect you to add the RSA public key to the "authorized_keys2" file and not the "authorized_keys" file.
>
>
am i missing some point in performing procedure for ssh password less authentication ?
because it prompts for passwords agaian and again
Edited by: user13376823 on Oct 9, 2012 9:30 AM

Using ksshaskpass to access SSH passwords with the KDE Wallet

Hi,
I'm trying to use ksshaskpass to store SSH passwords with the KDE wallet and unlock them on login with one password so I don't have to keep entering the passwords each time I want to SSH. It isn't working for me though. I followed the directions here, but I still have to enter the password each time I want to SSH. I'm running KDEmod 4.4.3. Any ideas?
Thanks!
Last edited by CosineQuaNon (2010-05-27 03:27:08)

For KDE4, you need to create the file
~/.kde4/Autostart/ssh-add.sh
instead of
~/.kde/Autostart/ssh-add.sh
For me, this works perfectly.

Can I supply my SSH password somewhere instead of entering it?

I'm using a lot of SSH lately for my Raspberry Pi.
I've set up an alias 'pi' that executes ssh [email protected] and it works great but I'm annoyed by the fact that
the server still asks for the password.
Is there some way I could put the password in some kind of configuration file so that the server matches
it with the key and I don't have to enter the password each time?
Thanks in advance!

You should be able to create a public key and copy that key to the Raspberry Pi.
Run:
ssh-keygen -t dsa
answer the questions. Then copy the id_dsa.pub key from ~/.ssh to authorized_keys in the user account's .ssh directory on the Raspberry Pi.
The only trick is that most how-to lists on the internet instruct people to use an empty passphrase for the public key. Don't do that. OS X includes and easy-to-use ssh-agent built into the keychain. Supply a strong passphrase and when prompted the first time you use it, save the passphrase to your keychain.

Storing ssh passwords/keys in keychain

Can anyone tell me how to set up ssh and keychain so when I connect to the remote system it uses keychain for the password or public key? The remote system is FreeBSD 8.0. Do I need to setup anything else on that end?
Cheers.

For anyone else trying to do the same thing I found some useful info at http://www.stocksy.co.uk/articles/Mac/sshon_mac_osx.

Ssh password questions

I have a couple newbie-ish questions regarding SSH access in OS X. I currently have OS X 10.6.1, if it helps any.
Currently, I have SSH access enabled through Remote Login in System Preferences. I have public key authentication set up for a couple of my computers, but there are some places that I can't utilize that method and have to use keyboard-interactive login.
What I'm concerned about is having to change my password for my user account to ensure that SSH access is as secure as I can make it for passwords. However, as my wife uses this computer, she doesn't want to have to type in a weird login just to log in to the computer. Is there a way to enable a different password for SSH access than is set up for the user account on OS X?

ZyLo wrote:
Currently, I have SSH access enabled through Remote Login in System Preferences. I have public key authentication set up for a couple of my computers, but there are some places that I can't utilize that method and have to use keyboard-interactive login.
Really? Usually that is just because you have some permissions problems on .ssh or your home directory.
What I'm concerned about is having to change my password for my user account to ensure that SSH access is as secure as I can make it for passwords. However, as my wife uses this computer, she doesn't want to have to type in a weird login just to log in to the computer. Is there a way to enable a different password for SSH access than is set up for the user account on OS X?
Not as far as I know. My advice would be:
Get your wife her own computer, or setup multiple user accounts on this machine, make your wife's account "Standard", and set it up for default login

Prime Infrastructure SSH password with space

Hi,
We have Prime Infrastructure 1.2 installed and now starting to populate the inventory with the devices list.
However, it seems like the system does not accept password with space character inside.
Anyone knows the fix / workaround to make this work?
Thanks.
Johannes

Hi ,
As Per my understanding there is No workaround ,you can try special characters ,however SPACES are Not allowed
Thanks
Afroz

EEM/SSH onto another device: Can I avoid password in cleartext?

Hi All
I would like to create an EEM script on Switch A which ssh's onto Switch B to run a second EEM script.
After looking on the Cisco site and forums, I believe the following would allow me to do this:
Switch A
event manager applet Script1
action 1.0 cli command "ssh -l <SwitchB_User> <SwitchB_IPAddress> "event man run Script2"" pattern "word:"
action 2.0 cli command "<password>" pattern "#"
action 3.0 cli command "exit" pattern "#"
Switch B
event manager applet Script2
action 1.0 mail server "<mailserver>" to "<toaddress>" from "<fromaddress>" subject "<subject>" body "<body>"
Would you be able to help with the following queries:
a) is the configuration correct?
b) Is there any way of encrypting the password so that it doesn't appear as clear text in the running/start up configurations?
Many Thanks!
John

The configuration looks good as far as EEM is concerned, but you will run into trouble with the SSH password. SSH uses a keyboard-interactive process by default, which is unfriendly to scripting/pasting, so it's most likely that your script will hang after executing the SSH command, never receiving the password prompt.
SSH supports establishing connections without passwords using pre-defined RSA private and public key pairs, but only the server side of IOS SSH supports this. It would be workable if you were running the requests from the Unix/Linux box, but not from IOS.
If you want to be able to quickly execute commands on other routers without transmitting or storing passwords in the configuration, falling back to the older RSH technology might be applicable here. RSH works by establishing trusted connections without authentication, so you need to be careful about how you allow it to connect and what you allow it to do, but it might be just what you need.
Have a look at this link for further information and don't worry about the RCP portion.
Configuring a Router to Use rsh and rcp

Ssh on solaris 10

when i am trying to connect to ssh from putty i get the below errors
login as: root
Using keyboard-interactive authentication.
Password:
Access denied
Using keyboard-interactive authentication.
Password:
Access denied
Using keyboard-interactive authentication.
Password:
Access denied
Using keyboard-interactive authentication.
Password:
and it goes on.... I am logging in as root with the root password and it says Access Deniyed..
# chmod 700 .
# chmod 600 *
# ls -la
total 6
drwx------ 2 root root 512 Jan 6 14:19 .
drwxr-xr-x 37 root root 1024 Jan 6 14:18 ..
-rw------- 1 root root 442 Jan 6 14:23 known_hosts
# mkdir identity-test
# cd iden*
# ls
# ssh-keygen -f id_rsa -t rsa
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_rsa.
Your public key has been saved in id_rsa.pub.
The key fingerprint is:
63:e1:20:a7:ad:16:6e:da:f9:27:9d:05:05:49:8f:9a root@unknown
# ls
id_rsa id_rsa.pub
# pwd
/.ssh/identity-test
# ssh [email protected] 'mkdir .ssh'
Password:
Password:
Password:
Permission denied (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).

This one is working:
vim /etc/ssh/sshd_config
Edit line:
PermitRootLogin yes
:wq
vim /etc/default/login
Comment Line:
CONSOLE=/dev/console
:wq
Restart service:
svcadm restart ssh
http://www.msysc.org/index.php?page=remote-root-login

Kerberos, vnc, and ssh

Hi, I was wondering if anyone had seen these problems trying to enable vnc and ssh support on a Mavericks server (latest OS and Server versions).
In particular, I get errors when I attempt to use sso_util:o_util -
sso_util configure -R MYSERVER.MYDOMAIN.COM -a diradmin ssh
/Local/Default
/LDAPv3/127.0.0.1
Creating the service list
Creating the service principals
OSStatus CreateKerberosPrincipals(CFStringRef, CFStringRef, const char *, CFMutableDictionaryRef, Boolean): Error adding principal to keytab: kadmin: ext vnc/[email protected]: Principal does not exist
Creating the keytab file
Configuring services
WriteSetupFile: setup file path = /temp.NOKc/setup
$ sso_util configure -r MYSERVER.MYDOMAIN.COM -a diradmin ssh
Password:
/Local/Default
/LDAPv3/127.0.0.1
Creating the service list
Creating the service principals
OSStatus CreateKerberosPrincipals(CFStringRef, CFStringRef, const char *, CFMutableDictionaryRef, Boolean): Error adding principal to keytab: kadmin: ext host/[email protected]: Principal does not exist
Creating the keytab file
Configuring services
WriteSetupFile: setup file path = /temp.KZUY/setup
I get the same errors if I use "kadmin -l" and attempt to create the principals using "add -r host/myserver.mydomain.com" and "add -r vnc/myserver.mydomain.com". The principals don't exist if I try to list them.
Kerberos is working fine for some other services, like imap and smtp. The principals exist.
Does anyone knwo why I can't create these? Thanks!

Check your TCP segment size. To find out what it should be you can try the following.
From a PC at site A, ping a PC at Site B. You need to set some ICMP switches though.
C:\>ping 10.10.2.100 -f -l 1500
The -f is set the Do Not Fragment flag, the -l is the send buffer size. Continue to do this each time decreasing the packet size until you have a successful ping. When you find that number, that is your maximum TCP segment size. You can then set that on the router. Any packet that is too big, the router will respond to the sending device saying it is too big, send a smaller size. It will do that until the packet is less than or equal to the number you set. In most routers the largest size you can set is 1460, so that might save you some time. To set it in the router, go to the tunnel interface and enter "ip tcp adjust-mss
HTH and please rate.

Simple SSH Access-List Question

I am enabling SSH access for all of our Cisco devices and want to restrict access to just the following ip addresses: 192.168.200.1-192.168.200.50. I forgot the exact access-list configuration to accomplish this. The subnet is /24 and I don't want the whole subnet - just .1 - .50.
Thank you,
Thomas Reiling

Hi there,
If using ssh make sure you have a domain name, host name and a generated rsa key. Assuing you've done that, the the following ACL and line vty command will do the trick. Note that the 1-50 host list is not on a subnet barrier.
To get it exactly
access-list 1 remark ALLOW MANAGEMENT
access-list 1 permit 192.168.200.0 0.0.0.31
access-list 1 permit 192.168.200.32 0.0.0.15
access-list 1 permit 192.168.200.48 0.0.0.1
access-list 1 host 192.168.200.50
access-list 1 deny any log
It would be a good idea to put it on a boundary though, so the following would be much more simpler and easier to read.
access-list 1 remark ALLOW MANAGEMENT
access-list 1 permit 192.168.200.0 0.0.0.63
access-list 1 deny any log
Apply the access-class on the vty lines and depending on authentication, i'd put something there too.
line vty 0 4
access-class 1 in
transport input ssh
password blahblah
That ought to do it.
good luck!
Brad

Sshmc - control music from anywhere via SSH

SSH Music Controller
Information:
* Written in python
* Allows you to play, pause, skip forward, skip backwards, and stop a song on a remote computer
* Adjust volume on a remote computer
Screenshot:
Known bugs:
* If the song ends and goes on to the next song, the line of text that displays the current song doesn't change. A workaround is to press play.
Currently supported music players:
* ncmpcpp
Dependencies for client machine (controlling the music):
* python (official repos)
* wxpython (official repos)
Dependencies for remote machine (playing the music):
* one of the supported music players from above
Installation (this requires git):
1) First, clone the files from my github:
$ git clone git://github.com/itsbrad212/sshmc.git
2) Run the install script on the client machine as root
# ./install.sh
3) Edit /usr/share/sshmc/sshmc.py to set the IP address of the remote machine, the SSH port to use, and the user to login as
4) You're done! You should now be able to launch the application by executing the sshmc command from wherever you choose.
Configuration:
* Edit /usr/share/sshmc/sshmc.py to set the IP address of the remote machine, the SSH port to use, and the user to login as
Footnotes:
* Please report any bugs so I can fix them
* If you would like support for your music player, just ask
* I am using keychain so I am not prompted with an SSH password. I strongly reccomend using this, or using a public key.
Changelog:
* Added an install script and icons (7/23/10)
* Removed need for amixer-wrapper [falconindy] (7/25/10)
Last edited by itsbrad212 (2010-07-25 19:06:53)

falconindy wrote:
A few points:
* You've left yourself hardcoded in def PlaySong. On line 91:
os.system("ssh -p 22 [email protected] 'ncmpcpp play'")
* A separate user based config file would be good to have rather than editing the script itself.
* I don't understand the need for the C wrapper on amixer when a python function would suffice to read and parse the output.
* Consider adopting, updating, and using python-mpdclient. It would allow you to do a lot more things solely in Python rather than constantly forking and calling the OS. ...I suppose at that point, you're moving towards a more full fledged MPD client.
Crap...thanks for those tips falconindy. I had removed that hardcoded portion, but I forgot to commit the changes I'll definitely check out python-mpdclient.
Also, about the C wrapper: It's all I could find at the moment. If you, myself, or someone else could find/write something in python, I'll be happy to replace amixer-wrapper. I will most likely make a seperate config file as well. This release was an sort of an alpha.
Last edited by itsbrad212 (2010-07-25 17:36:20)

Defending against ssh attacks

Hi all: We proxy ssh traffic to one of our SLES servers for
ssh tunneling purposes. We have disabled password
authentication and rely solely on rsa key authentication.
However, we still have a flood of ssh password guessing
traffic which I want to block.
One option I am looking at is to abandon the ssh proxy and
route all ssh traffic directly to the SLES box. Then on the
SLES box config iptables to allow only so many ssh login
attempts per minute per ip address. Alternately iptables
could be setup to permanently block ip addresses after so
many failures.
My question is this: Can a similar technique be employed on
our BM 3.9 server? I really don't want to have to screw
around with multiple firewalls!
Thanks, Chris.

I was hoping for something more automated. My current
thinking is to remove the ssh proxy and blindly forward all
ssh traffic to our SLES box. I can then use iptables and an
automated tool to do the heavy lifting.
>>> On 10/8/2009 at 3:24 PM, in message
<[email protected]>, Craig
Johnson<[email protected]> wrote:
> In article <4ACDDB6F.CE15.0032.0@N0_$pam.vrapc.com>, Chris
> wrote:
>> My question is this: Can a similar technique be employed
> on
>> our BM 3.9 server? I really don't want to have to screw
>> around with multiple firewalls!
>>
> BMgr/NetWare doesn't have the ability to put a threshold
> on connection
> attempts like that and block a source. You could, if it
> helps any, put
> in rules (or filter exceptions) that limit connections
> to a particular
> address or subnet.
>
> Craig Johnson
> Novell Support Connection SysOp
> *** For a current patch list, tips, handy files and
> books on
> BorderManager, go to http://www.craigjconsulting.com ***

Cisco RV042 Firewall Blocking LAN Traffic

Hello Everyone,
I currently have an RV042G with a downstream SG-300 connected to one of the LAN interfaces. Connected to the SG-300 are a couple servers running ESXi. Intervlan routing is working fine on the current setup; however, I only able to connect to my ESXi hosts on a separate VLAN for approximately a minute before the connection is dropped. I have concluded that the firewall seems to be culprit in blocking my traffic. If I turn the firewall off, everything acts as expected. There is a default "ANY/ANY" rule for LAN traffic enabled and I have added a couple extras allowing all traffic for IP ranges, but I still seem to be losing my connections. To make matters more confusing, I can see ACCESS_RULE events in the firewall logs permitting the traffic (or so I'm interpretting).
Regardless, here's how my rules currently stand below. I put another ANY/ANY rule in because the default didn't seem to be working -- I immediately was able to ping other hosts on different VLANs after adding the rule. I was under the assumption allowing all traffic from any source to any destination would make the LAN pretty accessible. I would appreciate any guidance or resources on this topic to set up some quick firewall rules to get things up and running. Thanks in advance.
Priority
Enable
Action
Service
Source
Interface
Source
Destination
Time
Day
Delete
123
Allow
All Traffic [1]
LAN
10.10.21.1 ~ 10.10.21.31
10.10.10.10 ~ 10.10.10.10
Always
123
Allow
All Traffic [1]
LAN
10.10.10.10 ~ 10.10.10.10
10.10.21.1 ~ 10.10.21.31
Always
123
Allow
All Traffic [1]
LAN
Any
Any
Always
Allow
All Traffic [1]
LAN
Any
Any
Always
Deny
All Traffic [1]
WAN1
Any
Any
Always
Deny
All Traffic [1]
WAN2
Any
Any
Always

I guess I should clarify, the SG-300 is running in Layer 3 mode, and the VLANs are defined on it; however, the static routes are defined on the RV042. Maybe there's a more efficient way of doing this?
Below is a scrubbed copy of my switch configuration.
config-file-header
SWITCH01
v1.3.5.58 / R750_NIK_1_35_647_358
CLI v1.0
set system mode router
vlan database
vlan 2
exit
no bonjour enable
hostname SWITCH01
no logging console
ip ssh server
ip ssh password-auth
clock timezone CEST +1
interface vlan 1
ip address 10.10.10.2 255.255.255.0
no ip address dhcp
interface vlan 2
name VIRTUAL-MANAGEMENT
ip address 10.10.21.1 255.255.255.224
interface gigabitethernet1
description ESXI01:VMNIC0:MGMT
switchport trunk allowed vlan add 2
interface gigabitethernet20
description UPLINK
exit
ip route 0.0.0.0 /0 10.10.10.1 metric 15
The routes I have defined is:
Destination IP
Subnet Mask
Default Gateway
Hop Count
Interface
10.10.21.0
255.255.255.224
10.10.10.2
1
eth0
10.10.10.0
255.255.255.0
0
eth0
255.255.252.0
0
eth1
239.0.0.0
255.0.0.0
0
eth0
default
0.0.0.0
40
eth1
Just to reiterate the problem, I am able to connect to hosts on VLAN 2 from my computer on VLAN 1, but I am disconnected a minute or so later. When the firewall is disabled, I have no issues with connecting to the host across VLANs and maintaining that connection. Maybe I have a misconfiguration somewhere that is causing some issues? I appreciate the help.

SG-300 28P switches problem with VLAN Data and Voice, working all the time as Voice VLAN

Hi Everyone,
Thank you very much for your help in advance. I’m pulling my hair to fix the problem.
I just got the new SG-300 28P switches. My Bios ordered for me. I did not know how it runs until now... not an IOS based. I really do not know how to configure it.
I have 2 VLAN are Data and Voice.
-          Data VLAN ID is 2 IP 192.168.2.X/255.255.255.0
-          Voice VLAN ID is 200 IP 192.168.22.X/255.255.255.0
-          I created two vlans, in switch, Data and Voice.
-          On the port number 28, it is trunk by default, so I add Data vlan ID 2 tagged.
-          On the port number 26, it is trunk by default, so I add Voice vlan ID 200 tagged.
-          On the port number 27, I add Data vlan ID 2 tagged for Data vlan out.
-          Port settings No.1
I set it up as Trunk with Data vlan 2 untagged, and 200 Tagged (voice vlan). I plugged in a phone with a pc attached. But the PC will get to the vlan 200 to get the DHCP address, but no from vlan 2. The Phone works with correct vlan ip.
-          Port settings No.2
Trunk with vlan 1UP, 2T, and 200T. The phone is even worse. Would never pick up any IP from DHCP.
-          Port settings No.3
Access with 200U...of course the phone will work... and the PC could not get to its own vlan. Instead, the PC got an ip from the voice vlan. Not from VLAN 2.
I have Linksys phone I’m not sure if this help.
For more information I setup in switch,
            - enable voice vlan
- set the port on auto voice vlan
- enable LLDP-MED globally
- create a network policy to assign VLAN 200
- assign this network policy to the port the phone is connected to.
I hope this information help to help me to setup Data and Voice vlans, to plug the phone to work with vlan Voice 200 (IP rang 192.168.22.X), from phone to Pc and pc work as Data vlan 2 (IP rang 192.168.2.X).

I just got done setting up voice VLANs on an SF 300-24P and verified working. This was working with Cisco 7900 series phones connected to a Cisco UC setup.
Here's my sample config.
Note that I edited this by hand before posting, so doing a flat out tftp restore probably won't work. However, this should give you a clue. Also, don't take this as 100% accurate or correct. I've only been working with these things for about a week, though I've worked with the older Linksys SRW switches for a couple of years. I'm a CCNP/CCDP.
VLAN 199 is my management VLAN and is the native VLAN on 802.1q trunks.
VLAN 149 is the data/computer VLAN here.
VLAN 111 is the voice/phone VLAN here.
VLAN 107 does nothing.
interface range ethernet e(1-24)
port storm-control broadcast enable
exit
interface ethernet e1
port storm-control include-multicast
exit
interface ethernet e2
port storm-control include-multicast
exit
interface ethernet e3
port storm-control include-multicast
exit
interface ethernet e4
port storm-control include-multicast
exit
interface ethernet e5
port storm-control include-multicast
exit
interface ethernet e6
port storm-control include-multicast
exit
interface ethernet e7
port storm-control include-multicast
exit
interface ethernet e8
port storm-control include-multicast
exit
interface ethernet e9
port storm-control include-multicast
exit
interface ethernet e10
port storm-control include-multicast
exit
interface ethernet e11
port storm-control include-multicast
exit
interface ethernet e12
port storm-control include-multicast
exit
interface ethernet e13
port storm-control include-multicast
exit
interface ethernet e14
port storm-control include-multicast
exit
interface ethernet e15
port storm-control include-multicast
exit
interface ethernet e16
port storm-control include-multicast
exit
interface ethernet e17
port storm-control include-multicast
exit
interface ethernet e18
port storm-control include-multicast
exit
interface ethernet e19
port storm-control include-multicast
exit
interface ethernet e20
port storm-control include-multicast
exit
interface ethernet e21
port storm-control include-multicast
exit
interface ethernet e22
port storm-control include-multicast
exit
interface ethernet e23
port storm-control include-multicast
exit
interface ethernet e24
port storm-control include-multicast
exit
interface range ethernet g(1-4)
description "Uplink trunk"
exit
interface range ethernet g(1-4)
switchport default-vlan tagged
exit
interface range ethernet e(21-24)
switchport mode access
exit
vlan database
vlan 107,111,149,199
exit
interface range ethernet g(1-4)
switchport trunk allowed vlan add 107
exit
interface range ethernet e(21-24)
switchport access vlan 111
exit
interface range ethernet g(1-4)
switchport trunk allowed vlan add 111
exit
interface range ethernet e(1-20)
switchport trunk native vlan 149
exit
interface range ethernet g(1-4)
switchport trunk allowed vlan add 149
exit
interface range ethernet g(1-4)
switchport trunk native vlan 199
exit
voice vlan aging-timeout 5
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
voice vlan oui-table add 108ccf MyCiscoIPPhones1
voice vlan oui-table add 40f4ec MyCiscoIPPhones2
voice vlan oui-table add 8cb64f MyCiscoIPPhones3
voice vlan id 111
voice vlan cos 6 remark
interface ethernet e1
voice vlan enable
exit
interface ethernet e1
voice vlan cos mode all
exit
interface ethernet e2
voice vlan enable
exit
interface ethernet e2
voice vlan cos mode all
exit
interface ethernet e3
voice vlan enable
exit
interface ethernet e3
voice vlan cos mode all
exit
interface ethernet e4
voice vlan enable
exit
interface ethernet e4
voice vlan cos mode all
exit
interface ethernet e5
voice vlan enable
exit
interface ethernet e5
voice vlan cos mode all
exit
interface ethernet e6
voice vlan enable
exit
interface ethernet e6
voice vlan cos mode all
exit
interface ethernet e7
voice vlan enable
exit
interface ethernet e7
voice vlan cos mode all
exit
interface ethernet e8
voice vlan enable
exit
interface ethernet e8
voice vlan cos mode all
exit
interface ethernet e9
voice vlan enable
exit
interface ethernet e9
voice vlan cos mode all
exit
interface ethernet e10
voice vlan enable
exit
interface ethernet e10
voice vlan cos mode all
exit
interface ethernet e11
voice vlan enable
exit
interface ethernet e11
voice vlan cos mode all
exit
interface ethernet e12
voice vlan enable
exit
interface ethernet e12
voice vlan cos mode all
exit
interface ethernet e13
voice vlan enable
exit
interface ethernet e13
voice vlan cos mode all
exit
interface ethernet e14
voice vlan enable
exit
interface ethernet e14
voice vlan cos mode all
exit
interface ethernet e15
voice vlan enable
exit
interface ethernet e15
voice vlan cos mode all
exit
interface ethernet e16
voice vlan enable
exit
interface ethernet e16
voice vlan cos mode all
exit
interface ethernet e17
voice vlan enable
exit
interface ethernet e17
voice vlan cos mode all
exit
interface ethernet e18
voice vlan enable
exit
interface ethernet e18
voice vlan cos mode all
exit
interface ethernet e19
voice vlan enable
exit
interface ethernet e19
voice vlan cos mode all
exit
interface ethernet e20
voice vlan enable
exit
interface ethernet e20
voice vlan cos mode all
exit
interface ethernet e1
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e2
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e3
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e4
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e5
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e6
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e7
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e8
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e9
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e10
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e11
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e12
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e13
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e14
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e15
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e16
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e17
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e18
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e19
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e20
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e21
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e22
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e23
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e24
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet g1
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet g2
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet g3
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet g4
lldp optional-tlv port-desc sys-name sys-desc sys-cap 802.3-mac-phy 802.3-lag 802.3-max-frame-size
exit
interface ethernet e1
lldp med notifications topology-change enable
exit
interface ethernet e2
lldp med notifications topology-change enable
exit
interface ethernet e3
lldp med notifications topology-change enable
exit
interface ethernet e4
lldp med notifications topology-change enable
exit
interface ethernet e5
lldp med notifications topology-change enable
exit
interface ethernet e6
lldp med notifications topology-change enable
exit
interface ethernet e7
lldp med notifications topology-change enable
exit
interface ethernet e8
lldp med notifications topology-change enable
exit
interface ethernet e9
lldp med notifications topology-change enable
exit
interface ethernet e10
lldp med notifications topology-change enable
exit
interface ethernet e11
lldp med notifications topology-change enable
exit
interface ethernet e12
lldp med notifications topology-change enable
exit
interface ethernet e13
lldp med notifications topology-change enable
exit
interface ethernet e14
lldp med notifications topology-change enable
exit
interface ethernet e15
lldp med notifications topology-change enable
exit
interface ethernet e16
lldp med notifications topology-change enable
exit
interface ethernet e17
lldp med notifications topology-change enable
exit
interface ethernet e18
lldp med notifications topology-change enable
exit
interface ethernet e19
lldp med notifications topology-change enable
exit
interface ethernet e20
lldp med notifications topology-change enable
exit
interface ethernet e21
lldp med notifications topology-change enable
exit
interface ethernet e22
lldp med notifications topology-change enable
exit
interface ethernet e1
lldp med enable network-policy poe-pse
exit
interface ethernet e2
lldp med enable network-policy poe-pse
exit
interface ethernet e3
lldp med enable network-policy poe-pse
exit
interface ethernet e4
lldp med enable network-policy poe-pse
exit
interface ethernet e5
lldp med enable network-policy poe-pse
exit
interface ethernet e6
lldp med enable network-policy poe-pse
exit
interface ethernet e7
lldp med enable network-policy poe-pse
exit
interface ethernet e8
lldp med enable network-policy poe-pse
exit
interface ethernet e9
lldp med enable network-policy poe-pse
exit
interface ethernet e10
lldp med enable network-policy poe-pse
exit
interface ethernet e11
lldp med enable network-policy poe-pse
exit
interface ethernet e12
lldp med enable network-policy poe-pse
exit
interface ethernet e13
lldp med enable network-policy poe-pse
exit
interface ethernet e14
lldp med enable network-policy poe-pse
exit
interface ethernet e15
lldp med enable network-policy poe-pse
exit
interface ethernet e16
lldp med enable network-policy poe-pse
exit
interface ethernet e17
lldp med enable network-policy poe-pse
exit
interface ethernet e18
lldp med enable network-policy poe-pse
exit
interface ethernet e19
lldp med enable network-policy poe-pse
exit
interface ethernet e20
lldp med enable network-policy poe-pse
exit
interface ethernet e21
lldp med enable network-policy poe-pse
exit
interface ethernet e22
lldp med enable network-policy poe-pse
exit
lldp med network-policy 1 voice vlan 111 vlan-type tagged
interface range ethernet e(1-22)
lldp med network-policy add 1
exit
interface vlan 199
ip address 199.16.30.77 255.255.255.0
exit
ip default-gateway 199.16.30.3
interface vlan 1
no ip address dhcp
exit
no bonjour enable
bonjour service enable csco-sb
bonjour service enable http
bonjour service enable https
bonjour service enable ssh
bonjour service enable telnet
hostname psw1
line console
exec-timeout 30
exit
line ssh
exec-timeout 30
exit
line telnet
exec-timeout 30
exit
management access-list Management1
permit ip-source 10.22.5.5 mask 255.255.255.0
exit
logging 199.16.31.33 severity debugging description mysysloghost
aaa authentication enable Console local
aaa authentication enable SSH tacacs local
aaa authentication enable Telnet local
ip http authentication tacacs local
ip https authentication tacacs local
aaa authentication login Console local
aaa authentication login SSH tacacs local
aaa authentication login Telnet local
line telnet
login authentication Telnet
enable authentication Telnet
password admin
exit
line ssh
login authentication SSH
enable authentication SSH
password admin
exit
line console
login authentication Console
enable authentication Console
password admin
exit
username admin password admin level 15
power inline usage-threshold 90
power inline traps enable
ip ssh server
snmp-server location in-the-closet
snmp-server contact [email protected]
ip http exec-timeout 30
ip https server
ip https exec-timeout 30
tacacs-server host 1.2.3.4 key spaceballz timeout 3 priority 10
clock timezone -7
clock source sntp
sntp unicast client enable
sntp unicast client poll
sntp server 199.16.30.1
sntp server 199.16.30.2
ip domain-name mydomain.com
ip name-server 199.16.5.12 199.16.5.13
ip telnet server

SSH password

Similar Messages

Maybe you are looking for