IOS: Reverse SSH console access

Configuring IOS for Reverse Telnet

r1#conf t
r1(config)#line 33 64
r1(config-line)#transport input telnet
r1(config-line)#no exec
r1(config-line)#^Z
r1#

From your telnet client, telnet 198.18.1.1 2033 will connect you to line 33, and telnet 198.18.1.1 2034 will connect you to line 34.

We have confirmed connectivity.

Reverse SSH

The SSH listener doesn’t use the same ports; we have to use rotary groups.

!generate the ssh key or
crypto key generate rsa
!some of the usual stuff for ssh
ip ssh time-out 60
ip ssh authentication-retries 4
!configure the ssh listener at port 2001 through 2127
ip ssh port 2001 rotary 1 127
ip ssh logging events
!
line 33
! set the rotary group the port belongs to, only one port per rotary group
 rotary 1
! do not allow the serial line to spawn an exec session, as this will lock the port.
! This happens when the serial line picks up EMF / EMI.
 no exec
!allow SSH thread to access the port.
 transport input ssh
 transport output none
line 34
 rotary 2
 no exec
 transport input ssh
 transport output none
line 35
 rotary 3
 no exec
 transport input ssh
 transport output none
!repeat for every line
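
Since the same four commands have to be repeated on every line, it is easy to leave one line on the earlier reverse-telnet settings or to reuse a rotary group. The following check is an added example, not part of the original post: it reads a config excerpt, works out the SSH port for each line from the `ip ssh port ... rotary` statement, and reports lines that deviate from the pattern above. The function name `audit` and the sample config are assumptions made for the example, and it expects the three-number range form of `ip ssh port` used in this post.

```python
import re

# Constructed sample (not from a real device): line 33 follows the post,
# line 34 still has the reverse-telnet settings, line 35 reuses rotary 1.
SAMPLE = """\
ip ssh port 2001 rotary 1 127
line 33
 rotary 1
 no exec
 transport input ssh
 transport output none
line 34
 transport input telnet
 no exec
line 35
 rotary 1
 no exec
 transport input ssh
 transport output none
"""

def audit(config):
    """Return (ports, findings): SSH port per line, and a list of problems."""
    m = re.search(r"^ip ssh port (\d+) rotary (\d+) (\d+)$", config, re.M)
    if not m:
        return {}, ["no 'ip ssh port ... rotary' listener configured"]
    base, low, high = map(int, m.groups())
    lines, current = {}, None
    for raw in config.splitlines():  # group indented commands under 'line N'
        if raw.startswith("line "):
            current = lines.setdefault(raw[5:].strip(), [])
        elif raw.startswith(" ") and current is not None:
            current.append(raw.strip())
        else:
            current = None
    ports, findings, seen = {}, [], {}
    for name, cmds in lines.items():
        for want in ("no exec", "transport input ssh", "transport output none"):
            if want not in cmds:
                findings.append(f"line {name}: missing '{want}'")
        rotary = next((int(c.split()[1]) for c in cmds if c.startswith("rotary ")), None)
        if rotary is None or not low <= rotary <= high:
            findings.append(f"line {name}: no rotary group in {low}-{high}")
        elif rotary in seen:  # the post: only one port per rotary group
            findings.append(f"line {name}: rotary {rotary} already used by line {seen[rotary]}")
        else:
            seen[rotary] = name
            ports[name] = base + rotary - low  # the first rotary maps to the base port
    return ports, findings
```

Feed it only the `ip ssh port` statement and the async line blocks; console and vty lines would be reported as missing a rotary group.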