Ethernet Switches & Routers

Reply
Contributor
Posts: 32
Registered: ‎12-06-2011

switch management (outband management /ssh / telnet)

Hello,
I am running L3 image and I have configured the switch outband and added the ip on switch

#interface M1
FastIron(config-if-mgmt)#ip addr 192.168.1.200/24

created vlan 2
allocated port 2
added Ip address 192.168.2.1/24

saved and exit.

can anyone tell me who do I enable the ssh/telnet for root or super user as I need to manage it remotely.

when i connect laptop to outband management and try ssh / telnet to ip 192.168.1.200 nothing happens.

Thanks in advance

Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

~~~ For SSH Only ~~~~
crypto key generate rsa
!
user metallica priv 0 password *sandman_lives*
!
!
aaa authentication login default local
ip ssh idle-time 25
!
crypto-ssl cert generate
!
no web-management http
web-management https
aaa authentication web-server default local
!
enable aaa console
console timeout 25
!
no telnet server
!
exit
!
ssh no-show-host-keys
!
wr mem

Hope this helps!

Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

Although I highly recommend against enabling Telnet here is the config.

aaa authentication login default local

enable telnet authentication

enable telnet password *F4d3T0Bl4ck*
enable super-user-password *M4st3r0fPupp3ts*
Hope this helps as well.
Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

Highlighted
Contributor
Posts: 32
Registered: ‎12-06-2011

Re: switch management (outband management /ssh / telnet)

Hello,

In brocade switch what is the default superuser/root ?

Do I have to add user from serial console first like you showed

user metallica priv 0 password *sandman_lives*

Yes, telnet is not secure at all so we do not plan to use anything for remote use except one ssh user for managing switch.

Thank you.

Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

By default, the device does not require a user name or password when you log in to the CLI using Telnet.

To set the password *sandman_lives* for Telnet access to the CLI, enter the following command at the global CONFIG
level:
switch(config)# enable telnet password *sandman_lives*
By default, the switch denies Telnet management access to the device, the software sends
a message to the denied Telnet client.
Setting Passwords for Management Privilege Levels
You can set one password for each of the following management privilege levels:
• Super User level – Allows complete read-and-write access to the system. This is generally for system
administrators and is the only management privilege level that allows you to configure passwords.
• Port Configuration level – Allows read-and-write access for specific ports but not for global (system-wide)
parameters.
• Read Only level – Allows access to the Privileged EXEC mode and CONFIG mode of the CLI but only with
read access.
You can assign a password to each management privilege level. You also can configure up to 16 user accounts
consisting of a user name and password, and assign each user account to one of the three privilege levels.
NOTE: You must use the CLI to assign a password for management privilege levels. You cannot assign a
password using the Web management interface.
If you configure user accounts in addition to privilege level passwords, the device will validate a user’s access
attempt using one or both methods (local user account or privilege level password), depending on the order you
specify in the authentication-method lists.
To set passwords for management privilege levels:
1. At the opening CLI prompt, enter the following command to change to the Privileged level of the EXEC mode:
switch> enable
switch#
2. Access the CONFIG level of the CLI by entering the following command:
switch# configure terminal
switch(config)#
3. Enter the following command to set the Super User level password:
switch(config)# enable super-user-password <text>
NOTE: You must set the Super User level password before you can set other types of passwords. The
Super User level password can be an alphanumeric string, but cannot begin with a number.
4. Enter the following commands to set the Port Configuration level and Read Only level passwords:
switch(config)# enable port-config-password <text>
switch(config)# enable read-only-password <text>
Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

Sorry, that last post of mine is ugly (copy and paste with minor notes of my own) I know but atleast you get the picture from it.

Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

The attached file may also provide some help.

Occasional Contributor
Posts: 14
Registered: ‎10-18-2011

Re: switch management (outband management /ssh / telnet)

Checking in to see how things are going? Let me know if the solutions I posted was helpful for you or not.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook