Sep 232010
 

Because I had so much trouble finding this information.

If you’ve already got telnet set up, and your config includes a line like

username admin password 123487123458134789561278561927845 level 15 encrypted

Then you’re already very close. Only two steps remain between you and SSH console access.

  1. crypto key generate dsa (or rsa)
  2. ip ssh server

That’s it! Don’t bother with the instructions that you might find in the user guide for “configuring an initial SSH console password” that have you mess with aaa authentication default line and the like. They’re red herrings.

  8 Responses to “Enabling SSH on Dell PowerConnect Switches”

  1. Thank you, thank you…

  2. Incidentally, if you DO have a aaa server, here’s part of what one of my active configs looks like (the important part, of course):

    aaa authentication login default tacacs local
    enable password level 15 123123123123123123 encrypted
    username admin password 123123123123123123 level 15 encrypted
    ip ssh server
    tacacs-server host 1.1.1.1 key i.shared.this

    But getting the ssh server to run is just the two commands in the article. Assigning a management IP, setting up user accounts, and any other operational steps are left as exercises for the reader.

  3. just in case someone has the same problem.
    I had to do both:
    crypto key generate rsa
    AND
    crypto key generate dsa

    before I could do
    ip ssh server
    otherwiese it would say
    sshd_api.c(79) 1651 %% Failed to find SSHD key files

    but after that, everything was ok.

    Thanks
    Tom

  4. I can’t tell you how frustrating figuring this out was. Thank you for this post!

  5. Thank you very much for this post!

  6. Hi guys,
    this doesn’t work for me..

    When trying to start the SSHD (ip ssh server), i get: ‘SSH could not be enabled.’ error msg.
    Any idea what this could be?

    I am checking if I find a solution in the meantime.

    Thx.
    Anoop. J.

  7. Solution:
    You have to use DSA keys… Generating RSA keys alone (PC6248 3.2.1.3) will not allow you to turn on ip ssh server. Hey Dell, maybe the error message should say “please generate DSA keys with this command: ….”

  8. Thank you all for this valuable information. It worked like a charm after generated both the RSA and DSA key pairs. I couldn’t understand why they would make it so difficult to set up SSH access. Now I’m good.

Sorry, the comment form is closed at this time.