![Cisco 2948G - Catalyst Switch Configuration Manual Download Page 341](http://html.mh-extra.com/html/cisco/2948g-catalyst-switch/2948g-catalyst-switch_configuration-manual_67462341.webp)
20-7
Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide
—
Release 8.1
78-15486-01
Chapter 20 Checking Status and Connectivity
Using Secure Shell Encryption for Telnet Sessions
This example shows how to set the logout timer value to 10 minutes:
Console> (enable) set logout 10
Sessions will be automatically logged out after 10 minutes of idle time.
Console> (enable)
This example shows how to set the logout timer value to 0, preventing idle sessions from being
disconnected automatically:
Console> (enable) set logout 0
Sessions will not be automatically logged out.
Console> (enable)
Using Secure Shell Encryption for Telnet Sessions
Note
To use the secure shell encryption (SSH) feature commands, you must be running an encryption image.
Encryption commands are set crypto key rsa, clear crypto key rsa, and show crypto key. See
Chapter 33, “Working with System Software Images,”
for the software image naming conventions that
are used for the encryption images.
The SSH feature provides security for Telnet sessions to the switch. SSH is supported for remote logins
to the switch only. Telnet sessions that are initiated from the switch cannot be encrypted. To use this
feature, you must install the application on the client accessing the switch and you must configure SSH
the switch.
The current implementation of SSH supports version 1, both the data encryption standard (DES) and
3DES encryption methods, and can be used with RADIUS and authentication. To support
authentication for Telnet with secure shell encryption, enter the telnet keyword in the set authentication
commands.
Note
If you are using Kerberos to authenticate to the switch, you will not be able to use the secure shell
encryption feature.
To enable SSH on the switch, perform this task in privileged mode:
This example shows how to create the RSA host key:
Console> (enable) set crypto key rsa 1024
Generating RSA keys.... [OK]
Console> (enable)
The nbits value specifies the RSA key size; the valid key size range is from 512 to 2048 bits. A key size with
a larger number provides higher security but takes longer to generate.
Task
Command
Create the RSA host key.
set crypto key rsa nbits [force]