Enable or Disable SSH Service

The SSH service is enabled by default. Disabling SSH service forcibly disconnects all SSH sessions running on a device.

About this task

Note

When shutting down the service, either the SSH or the Telnet server on the Management VRF must remain operational. For example; if the Telnet server on the default-vrf and mgmt-vrf are shut down, the ssh server can be disabled on the default-vrf, but NOT on the mgmt-vrf.

1. In privileged EXEC mode, enter global configuration mode.
   

   device# configure terminal

2. Disable SSH service on the device.
   

   device(config)# ssh server use-vrf
   Possible completions:
   <VRF Name> Provide the vrf (mgmt-vrf,default-vrf or <user defined vrf>) on which to start/stop ssh server
   device(config)# ssh server use-vrf default-vrf shutdown

   All SSH sessions on the specified vrf are immediately terminated, and cannot be re-established until the service is re-enabled.
3. Enable SSH service on the device.
   

   device(config)# no ssh server use-vrf default-vrf shutdown

   

   Note

   The shutdown option for a given VRF is displayed only when the SSH server was configured and then shutdown on that VRF. Otherwise, the VRF name and shutdown option are not displayed for the no form of the command.

   

   Note

   Additionally, the SSH Server can be restarted on all VRF instances using ssh-server restart.