How to enable HTTPS/SSH and disable HTTP/Telnet for switch management on PowerConnect 5500 series switches

摘要: steps necessary to restrict management access to using HTTPS and SSH

本文适用于 本文不适用于 本文并非针对某种特定的产品。 本文并非包含所有产品版本。
查看其他资源

说明

 

This article provides the steps necessary to restrict management access to using HTTPS and SSH.

 
Caution: This process requires use of the Command Line Interface (CLI). This process can be utilized through a serial or telnet session. However these steps must be followed in order to prevent unintentionally blocking access to remote management.

 

This procedure assumes:

  • The switch is already configured with an IP address and is reachable within the network.
  • There is an account created with Privilege Level 15.  To verify this, use the command: console#show users accounts.
Note: After completing these steps, you can expect to receive errors about certificate authenticity. This is due to the certificates and keys being self-generated. This is not an error.

 

Caution: Before disabling either telnet or HTTP access, verify SSH or HTTPS access.
Note: If SSH or HTTPS is enabled and the disabling of telnet and HTTP is desired, skip to step 3 to disable telnet and step 5 to disable HTTP.
  1. Connect to the switch via CLI
  2. To enable SSH, enter the following commands:
    1. console> enable
    2. console# config
    3. console(config)# crypto key generate rsa
    4. console(config)# crypto key generate dsa
    5. console(config)# ip ssh server
  3. To disable telnet, enter:  console(config)#no ip telnet server
  4. To enable HTTPS, enter the following commands"
    1. console(config)# crypto certificate 1 generate key
    2. console(config)# ip https certificate 1
    3. console(config)# ip http secure-server
Note: This system is capable of the generation and storage of 2 certificates. To generate the second key, replace the number 1 with 2. To activate the second key, use (config)#ip https certificate 2.
  1. To disable HTTP, enter:  console(config)# no ip http server
  2. After verifying connectivity via SSH or HTTPS, save the configuration by entering:  console#copy running-config startup-config

受影响的产品

PowerConnect 5524, PowerConnect 5524P, PowerConnect 5548, PowerConnect 5548p
文章属性
文章编号: 000120459
文章类型: How To
上次修改时间: 05 6月 2025
版本:  6
从其他戴尔用户那里查找问题的答案
支持服务
检查您的设备是否在支持服务涵盖的范围内。