• Tag : SSH

 
 

SSH not working on alternative port

I am using the config below on a vEOS virtual machine on VMware ESXi. I would like to run SSH on an non-default port. When I skip the server-port 2222 line, SSH works on port 22. When I enable the line connection is denied on port 22, and does time out on port 2222. Is this a bug or am I doing something wrong? ! Command: show running-config ! device: veos (vEOS, EOS-4.21.1.1F) ! ! boot system flash:/vEOS-lab.swi ! transceiver qsfp default-mode 4x10G ! logging console notifications ! hostname veos ip name-server vrf MGMT 10.200.70.67 ip name-server vrf MGMT 10.200.70.77...
Continue reading →

remote SSH and command execution using bash

Hi, I am trying to SSH from one arista to another then execute a file. if i run below commmand manually on first arista cli it’s connected second switch and execute file correctly. SW01#bash ssh -i /home/admin/.ssh/id_rsa 1.1.1.2 bash /home/admin/eth1_up.sh but when i want to automate and write an event-handler on first arista it’s connected second switch but not execute file. ! event-handler test trigger on-intf Ethernet1 operstatus action bash /home/admin/test.sh ! test.sh if [ “$OPERSTATE” = “linkdown” ] ; then Cli -p 15 -c’ bash ssh -i /home/admin/.ssh/id_rsa 172.25.85.101 bash /home/admin/eth1_up.sh ‘ fi what could i missing? Thanks in...
Continue reading →

Other interfaces still accepting SSH with management VRF defined

Hi all, I’m attempting to lock all management protocols down to a management VRF.  This is on the 7280 platform, running 4.15.6M-3137476.4156M My management interface is actually a VLAN interface, not a physical interface.  To accomplish that: [code] management ssh idle-timeout 30 vrf MGMT [/code] and of course: [code] interface Vlan50 vrf forwarding MGMT ip address 192.0.2.1/24 [/code] However, there are other VLAN interfaces on this device, and they’re still accepting ssh connections: [code] interface Vlan16 ip address 192.168.0.2/24 ip virtual-router address 192.168.0.1 [/code]   In that example, I can still SSH in to the 192.168.0.2 address, even though it’s not in...
Continue reading →

Slow SSH Login

A common issue is when accessing a switch via SSH it takes a long time for the user to login and then after that the connection flows smoothly. This is generally due to the fact that SSH does a reverse DNS lookup for the remote device and the DNS query times out. Another common issue is that the management interface is in a VRF but the name servers are not defined in the VRF. To configure a name server in the vrf “management” ip name-server vrf management 10.1.1.10 Ensure that you can ping the DNS server from the switch. If the DNS server...
Continue reading →

Introduction to Managing EOS Devices – Setting up Management

Note: This article is part of the Introduction to Managing EOS Devices series: https://eos.arista.com/introduction-to-managing-eos-devices/      1) Setting Up Management The following management tools are available on Arista EOS for all platforms: VRF-aware management Telnet and SSH Syslog and Console Logging SNMP Versions 1 and 3 NTP DNS Local and remote user control (AAA) TACACS+, RADIUS sFlow XMPP eAPI   Note: in the following configuration examples, the commands in square brackets are optional: [optional]   1.1) VRF Aware Management As of release 4.10.1, EOS supports the ability to constrain management functions to a VRF. This enables the user to separate management based functions...
Continue reading →

How to backup EOS configs to a remote server

This article describes how a switch can push its configuration to a remote server, either on demand or periodically. Automating remote authentication using SSH keys Generate public/private DSA key pair: [root@Arista root]#ssh-keygen -t dsa Enter file in which to save the key (/root/.ssh/id_dsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_dsa. Your public key has been saved in /root/.ssh/id_dsa.pub. Create an ssh config file for the (in this example) root user. Make sure the formatting is correct. [root@Arista ~]#vi /root/.ssh/config Host * IdentityFile /root/.ssh/id_dsa Copy the public key to the remote...
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: