Date: Sat, 26 Oct 2002 19:08:05 -0700 From: Kevin Stevens <Kevin_Stevens@pursued-with.net> To: Bsd Neophyte <bsdneophyte@yahoo.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: problems w/ trying to telnet to my cisco router by tunneling through ssh Message-ID: <EE097B4A-E950-11D6-BF1E-003065715DA8@pursued-with.net> In-Reply-To: <20021027013752.47090.qmail@web20101.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Saturday, Oct 26, 2002, at 18:37 US/Pacific, Bsd Neophyte wrote: > i was looking at the handbook section on ssh tunneling. to try it out > i > figured i'd try to connect to my 806. > > i entered the following command: > > ssh -2 -N -f -L 5023:localhost:23 (router's ip address) > > and I received this error message: > > ssh: connect to address (router's ip address) port 22: Connection > refused > > i thought tunneling like this took port 22 out of the equation? No, you still have to terminate in a specific port. > i didn't have any ACL's on the router... and i tried adding a simple > ACL > to allow unrestricted inward access to my router from my FreeBSD box. You have to set up SSH on the router: ip ssh time-out 60 ip ssh authentication-retries 2 and line vty 0 4 exec-timeout 0 0 password 7 xxxxxxxxxxxxxxxxxx length 0 transport input ssh I beleive you also need to set up a user to authenticate against, rather than just an access password. I ssh from my freebsd box to my 806 all the time: ssh username@host. KeS (BTW - an aside to the list: the 806 is the cheapest Cisco router you can buy that has two Ethernet interfaces - ~$300 new on eBay. You can run a full IOS with firewall feature set and VPN capability on it, with a couple of minor omissions like OSPF/BGP. A very useful investment if you're interested in Cisco routing, and works great as an internet firewall.) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?EE097B4A-E950-11D6-BF1E-003065715DA8>