Disabling the console port on the ml-series card, Secure login on the ml-series card, Secure shell on the ml-series card – Cisco 15327 User Manual
Page 314: Understanding ssh
19-2
Ethernet Card Software Feature and Configuration Guide, R7.2
Chapter 19 Configuring Security for the ML-Series Card
Disabling the Console Port on the ML-Series Card
Disabling the Console Port on the ML-Series Card
There are several ways to access the Cisco IOS running on the ML-Series card, including a direct
connection to the console port, which is the RJ-11 serial port on the front of the card. Users can increase
security by disabling this direct connection, which is enabled by default. This prevents console port input
without preventing any console port output, such as Cisco IOS error messages.
You can disable console port access through CTC or TL1. To disable it with CTC, at the card-level view
of the ML-Series card, click under the IOS tab and uncheck the Enable Console Port Access box and
click Apply. The user must be logged in at the Superuser level to complete this task.
To disable it using TL1, refer to the Cisco ONS SONET TL1 Command Guide.
Secure Login on the ML-Series Card
The ML-Series card supports the Cisco IOS login enhancements integrated into Cisco IOS
Release 12.2(25)S and introduced in Cisco IOS Release 12.3(4)T. The enhancements allow users to
better secure the ML-Series card when creating a virtual connection, such as Telnet, SSH, or HTTP. The
secure login feature records successful and failed login attempts for vty sessions (audit trail) on the
ML-Series card. These features are configured using the Cisco IOS command-line interface (CLI.)
For more information, including step-by-step configuration examples, refer to the Cisco IOS Release
12.2(25)S feature guide module Cisco IOS Login Enhancements at
http://www.cisco.com/en/US/products/sw/iosswrel/ps1838/products_feature_guides_list.html.
Secure Shell on the ML-Series Card
This section describes how to configure the SSH feature.
These sections contain this information:
•
•
•
Displaying the SSH Configuration and Status, page 19-5
For other SSH configuration examples, see the “SSH Configuration Examples” section in the
“Configuring Secure Shell” chapter of the Cisco IOS Security Configuration Guide, Cisco IOS
Release 12.2, at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/fothersf.htm
Note
For complete syntax and usage information for the commands used in this section, see the command
reference for Cisco IOS Release 12.2 at the URL:
Understanding SSH
The ML-Series card supports SSH, both version 1 (SSHv1) and version 2 (SSHv2). SSHv2 offers
security improvements over SSHv1 and is the default choice on the ML-Series card.