Configuring SSH for Management Access

About this task

By default, SSH is enabled from the factory settings on the controller. The controller requires an IP address and login credentials.

To enable SSH access on a device, login through the serial console and perform the following:

Procedure

The session, by default, opens in the USER EXEC mode (one of the two access levels of the EXEC mode). Access the PRIV EXEC mode from the USER EXEC mode.
```
rfs4000-6DB5D4>en
rfs4000-6DB5D4#
```

Access the GLOBAL CONFIG mode from the PRIV EXEC mode.

rfs4000-6DB5D4>en
rfs4000-6DB5D4#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
rfs4000-6DB5D4(config)#

Go to ‘default-management-policy‘ mode.

rfs4000-6DB5D4(config)#management-policy ?
  MANAGEMENT  Name of the management policy to be configured (will be created
              if it does not exist)

rfs4000-6DB5D4(config)#management-policy default
rfs4000-6DB5D4(config-management-policy-default)#

Enter SSH at the command prompt.

rfs4000-6DB5D4(config-management-policy-default)#ssh
rfs4000-6DB5D4(config-management-policy-default)#commit write
rfs4000-6DB5D4(config-management-policy-default)#end
rfs4000-6DB5D4#exit

Connect to the controller through SSH using its configured IP address. If logging in for the first time, use the following credentials:


User Name	admin
Password	admin123 Note: When logging in for the first time, you will be prompted to change the password. Re-set the password and use it for subsequent logins.

On subsequent logins, to change the password, access the default management-policy configuration mode and enter the username, new password, role, and access details.

rfs4000-6DB5D4(config-management-policy-default)#user testuser password test@123
 role helpdesk access all
rfs4000-6DB5D4(config-management-policy-default)#commit
rfs4000-6DB5D4(config-management-policy-default)#show context
management-policy default
 telnet
 http server
 https server
 no ftp
 ssh
 user admin password 1 fd07f19c6caf46e5b7963a802d422a708ad39a24906e04667c8642299c8462f1 role superuser access all
 user testuser password 1 32472f01757293a181738674bdf068ffe0b777ce145524fc669278820ab582c0 role helpdesk access all
 snmp-server community 2 uktRccdr9eLoByF5PCSuFAAAAAeB78WhgTbSKDi96msyUiW+ rw
 snmp-server community 2 Ne+R15zlwEdhybKxfbd6JwAAAAZzvrLGzU/xWXgwFtwF5JdD ro
 snmp-server user snmptrap v3 encrypted des auth md5 2 WUTBNiUi7tL4ZbU2I7Eh/QAAAAiDhBZTln0UIu+y/W6E/0tR
 snmp-server user snmpmanager v3 encrypted des auth md5 2 9Fva4fYV1WL4ZbU2I7Eh/QAAAAjdvbWANBNw+We/xHkH9kLi
 no https use-secure-ciphers-only
rfs4000-6DB5D4(config-management-policy-default)#

Log on to the SSH console and provide the user details configured in the previous step to access the controller.
```
rfs4000 release 5.9.6.0-004D
rfs4000-6DB5D4 login: testuser
Password:
Welcome to CLI
Starting CLI...
rfs4000-6DB5D4>
```