Is a username required for SSH? If so where does it go?

abefromanabefroman Posts: 278Banned
Is a username required for SSH? If so where does it go?
line vty 0 4
transport input ssh
login
username admin ????
password pass1234
Next certs:
CCNA 99.9999999999999999999999999999999% Ready

There are /31 types of people in this world, those who understand subnetting, and those who don't

Comments

  • MonkerzMonkerz Posts: 842Member
    I set mine up like this...

    Enable
    Configure Terminal
    username [username] password [password]
    ip domain-name [domainname]
    crypto key generate rsa
    1024
    ip ssh version 2
    line vty 0 4
    transport input ssh
  • abefromanabefroman Posts: 278Banned
    Monkerz wrote: »
    I set mine up like this...

    Enable
    Configure Terminal
    username [username] password [password]
    ip domain-name [domainname]
    crypto key generate rsa
    1024
    ip ssh version 2
    line vty 0 4
    transport input ssh

    So is the username command only used for SSH? Or will that be the username for other things as well?
    Next certs:
    CCNA 99.9999999999999999999999999999999% Ready

    There are /31 types of people in this world, those who understand subnetting, and those who don't
  • MonkerzMonkerz Posts: 842Member
    When you use "transport input ssh" it turns off telnet and enables ssh. To use both, use " transport input telnet ssh". The user name is for Telnet and SSH. Console doesn't require one, only a password.
  • peanutnogginpeanutnoggin Posts: 1,096Member ■■■□□□□□□□
    Monkerz wrote: »
    When you use "transport input ssh" it turns off telnet and enables ssh. To use both, use " transport input telnet ssh". The user name is for Telnet and SSH. Console doesn't require one, only a password.

    Don't forget you can require your console to use the local database by going under lin con 0 and typing:

    login local

    That will force the console to use the local username and database. You can also use aaa for username/password with an external server running RADIUS or TACACS+ protocols for authentication. Hope this helps.

    -Peanut

    EDIT: Before you type the login local under line console 0, be sure to have a local username and password setup on the device.
    We cannot have a superior democracy with an inferior education system!

    -Mayor Cory Booker
  • HardDiskHardDisk Posts: 62Member ■■□□□□□□□□
    Monkerz wrote: »
    I set mine up like this...

    ip domain-name [domainname]
    crypto key generate rsa
    1024

    I have found that this one line of code below can replace the three lines of code above.

    Router(config)#ip http secure-server

    Both methods will generate the crypto keys so why use the three lines when one line seems to get the job done?

    I've been wondering about this for some time so I'm glad it came up in this post. Thanks for shedding some light on this subject.
  • peanutnogginpeanutnoggin Posts: 1,096Member ■■■□□□□□□□
    HardDisk wrote: »
    I have found that this one line of code below can replace the three lines of code above.

    Router(config)#ip http secure-server

    Both methods will generate the crypto keys so why use the three lines when one line seems to get the job done?

    I've been wondering about this for some time so I'm glad it came up in this post. Thanks for shedding some light on this subject.

    The first two things that popped into my head were... what if you don't want HTTPS enabled on your router but you wanted to enable ssh. The default key for the HTTPS is a 1024 key... what if you want a smaller or larger key for your ssh. Other than that... you are correct, the ip http secure-server would suffice. HTH
    We cannot have a superior democracy with an inferior education system!

    -Mayor Cory Booker
Sign In or Register to comment.