Cisco Systems 3130 User Manual
7-40
Cisco Catalyst Blade Switch 3130 for Dell Software Configuration Guide
OL-13270-01
Chapter 7 Configuring Switch-Based Authentication
Configuring the Switch for Secure Shell
•
When generating the RSA key pair, the message
No domain specified
might appear. If it does, you
must configure an IP domain name by using the ip domain-name global configuration command.
•
When configuring the local authentication and authorization authentication method, make sure that
AAA is disabled on the console.
AAA is disabled on the console.
Setting Up the Switch to Run SSH
Follow these steps to set up your switch to run SSH:
1.
You can download the cryptographic software image from
www.dell.com/support.
This step is
required. For more information, see the release notes for this release.
2.
Configure a hostname and IP domain name for the switch. Follow this procedure only if you are
configuring the switch as an SSH server.
configuring the switch as an SSH server.
3.
Generate an RSA key pair for the switch, which automatically enables SSH. Follow this procedure
only if you are configuring the switch as an SSH server.
only if you are configuring the switch as an SSH server.
4.
Configure user authentication for local or remote access. This step is required. For more
information, see the
information, see the
.
Beginning in privileged EXEC mode, follow these steps to configure a hostname and an IP domain name
and to generate an RSA key pair. This procedure is required if you are configuring the switch as an SSH
server.
and to generate an RSA key pair. This procedure is required if you are configuring the switch as an SSH
server.
To delete the RSA key pair, use the crypto key zeroize rsa global configuration command. After the
RSA key pair is deleted, the SSH server is automatically disabled.
RSA key pair is deleted, the SSH server is automatically disabled.
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
hostname hostname
Configure a hostname for your switch.
Step 3
ip domain-name domain_name
Configure a host domain for your switch.
Step 4
crypto key generate rsa
Enable the SSH server for local and remote authentication on the switch
and generate an RSA key pair.
and generate an RSA key pair.
We recommend that a minimum modulus size of 1024 bits.
When you generate RSA keys, you are prompted to enter a modulus
length. A longer modulus length might be more secure, but it takes longer
to generate and to use.
length. A longer modulus length might be more secure, but it takes longer
to generate and to use.
Step 5
end
Return to privileged EXEC mode.
Step 6
show ip ssh
or
show ssh
Show the version and configuration information for your SSH server.
Show the status of the SSH server on the switch.
Step 7
copy running-config startup-config
(Optional) Save your entries in the configuration file.