Ethernet Switches & Routers

Reply
Contributor
Posts: 32
Registered: ‎12-06-2011

switch management (outband management /ssh / telnet)

Hello,
I am running L3 image and I have configured the switch outband and added the ip on switch

#interface M1
FastIron(config-if-mgmt)#ip addr 192.168.1.200/24

created vlan 2
allocated port 2
added Ip address 192.168.2.1/24

saved and exit.

can anyone tell me who do I enable the ssh/telnet for root or super user as I need to manage it remotely.

when i connect laptop to outband management and try ssh / telnet to ip 192.168.1.200 nothing happens.

Thanks in advance

Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

~~~ For SSH Only ~~~~
crypto key generate rsa
!
user metallica priv 0 password *sandman_lives*
!
!
aaa authentication login default local
ip ssh idle-time 25
!
crypto-ssl cert generate
!
no web-management http
web-management https
aaa authentication web-server default local
!
enable aaa console
console timeout 25
!
no telnet server
!
exit
!
ssh no-show-host-keys
!
wr mem

Hope this helps!

Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

Although I highly recommend against enabling Telnet here is the config.

aaa authentication login default local

enable telnet authentication

enable telnet password *F4d3T0Bl4ck*
enable super-user-password *M4st3r0fPupp3ts*
Hope this helps as well.
Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

Contributor
Posts: 32
Registered: ‎12-06-2011

Re: switch management (outband management /ssh / telnet)

Hello,

In brocade switch what is the default superuser/root ?

Do I have to add user from serial console first like you showed

user metallica priv 0 password *sandman_lives*

Yes, telnet is not secure at all so we do not plan to use anything for remote use except one ssh user for managing switch.

Thank you.

Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

By default, the device does not require a user name or password when you log in to the CLI using Telnet.

To set the password *sandman_lives* for Telnet access to the CLI, enter the following command at the global CONFIG
level:
switch(config)# enable telnet password *sandman_lives*
By default, the switch denies Telnet management access to the device, the software sends
a message to the denied Telnet client.
Setting Passwords for Management Privilege Levels
You can set one password for each of the following management privilege levels:
• Super User level – Allows complete read-and-write access to the system. This is generally for system
administrators and is the only management privilege level that allows you to configure passwords.
• Port Configuration level – Allows read-and-write access for specific ports but not for global (system-wide)
parameters.
• Read Only level – Allows access to the Privileged EXEC mode and CONFIG mode of the CLI but only with
read access.
You can assign a password to each management privilege level. You also can configure up to 16 user accounts
consisting of a user name and password, and assign each user account to one of the three privilege levels.
NOTE: You must use the CLI to assign a password for management privilege levels. You cannot assign a
password using the Web management interface.
If you configure user accounts in addition to privilege level passwords, the device will validate a user’s access
attempt using one or both methods (local user account or privilege level password), depending on the order you
specify in the authentication-method lists.
To set passwords for management privilege levels:
1. At the opening CLI prompt, enter the following command to change to the Privileged level of the EXEC mode:
switch> enable
switch#
2. Access the CONFIG level of the CLI by entering the following command:
switch# configure terminal
switch(config)#
3. Enter the following command to set the Super User level password:
switch(config)# enable super-user-password <text>
NOTE: You must set the Super User level password before you can set other types of passwords. The
Super User level password can be an alphanumeric string, but cannot begin with a number.
4. Enter the following commands to set the Port Configuration level and Read Only level passwords:
switch(config)# enable port-config-password <text>
switch(config)# enable read-only-password <text>
Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

Sorry, that last post of mine is ugly (copy and paste with minor notes of my own) I know but atleast you get the picture from it.

Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

The attached file may also provide some help.

Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

Checking in to see how things are going? Let me know if the solutions I posted was helpful for you or not.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.