• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1172
  • Last Modified:

Can not SSH into a switch

I have a cisco 3750 switch that has SSH capabilities. SSH v1.99 is enabled. When I open SSH from my desktop, I get the password prompt. When I enter the user password, it does not accept it. I do not get an error message, it just will not connect.

I have used the enable password, the user password, and no password. I created a new user password and removed the service password encryption. when I removed the password encryption, the passwords did not show up any differently.  I made sure that the switch has a host  name and ip domain name. I made sure that the aaa new-model was on it. We are not using a radius server host, we are using local login. I have set the VTY line to privilege level 15 and transport input SSH. The crypto key (general purpose) has been generated.

Any and all help/Ideas appreciated
  • 2
  • 2
1 Solution
With running crypto IOS you have to configure an domain-name for the switch:
ip domain-name yourdomain.tld

generate a rsa key:
crypto key generate rsa

enabling ssh version 2:
ip ssh version 2

add a local user :
username cisco privilege 15 password password

configure vty lines:
line vty 0 15
login local
transport input ssh

The above code will remove telnet access to your switch, which I recommend, the link below will show you how to keep telnet access.


I am using ssh v2, not v1.99, try that first.

What I typically do is make the above changes, then go in and add the users I want with the network assistant tool (I know I should use the CLI)

This has always worked for me.  But it sounds like if its not prompting you for a username it may not be using the 'login local' check that.

KevinCovert covered it very well the only thing i would add to  your configuration on the AAA part is:

aaa authentication login default local
aaa authentication enable default enable

This will make the AAA look to the local DB for AAA

Make sure you have an account created with priv 15  that way you can get to enable mode and so on.
David-SGCAuthor Commented:
I appologize for the length of time it has taken me to get back to this.  Some family issues have kept me away from work for awhile.  I know the issue was fixed, just not sure what the actual fix was.  I will consult with my co-worker and try to post/accept later today.

David-SGCAuthor Commented:
Again sorry it took so long to get back on this.  Things have been really busy here for the past month.

Thanks again.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now