US Region
Grandmetric LLC
Brookfield Place Office
200 Vesey Street
New York, NY 10281
EIN: 98-1615498
+1 302 691 94 10
info@grandmetric.com
EMEA Region
GRANDMETRIC Sp. z o.o.
ul. Metalowa 5, 60-118 Poznań, Poland
NIP 7792433527
+48 61 271 04 43
info@grandmetric.com
Technology: Security
Area: Device Hardening
Vendor: Cisco
Title: How to allow SSH only to Cisco device
Software: 12.X , 15.X
Platform: Catalyst switches, Routers
Secure Shell (SSH) is a protocol used when one wants to have vides a secure remote access connection to network devices. Communication between the client and server is encrypted in both SSH version 1 and SSH version 2. Implement SSH version 2 when possible because it uses a more enhanced security encryption algorithm. To restrict the device to accept only ssh connections (no telnet), use configuration below.
Switch# configure terminal
Switch(config)#line vty 0 15
Switch(config-line)#transport input ssh
Verifying if the ssh connection is working:
PC> ssh -1 admin 192.168.2.1
Open
Password:
Verifying if telnet connection is possible
PC> telnet 192.168.2.1
Timeout.