Enable SSH on Cisco Switches

It’s probably best to use SSH these days when logging into a network switch. Telnet is enabled by default, but is less secure because the password is sent in clear-text. To enable SSH on a Cisco switch, perform the following steps:

  • conf t
  • aaa new-model
  • username <username> password <password>
  • crypto key generate rsa (Choose the bit size for the key)
  • ip ssh time-out 60
  • ip ssh authentication-retries 2
  • ip ssh v2
  • line vty 0 15
  • transport input ssh
  • exit
  • wr
  • NOTE: You must have an IOS which supports SSH loaded on the switch (e.g.; IPSERVICESK9).

    Before you log off the switch and end your session, make sure you can successfully SSH into the switch using the username and password you created above.

    Leave a Comment