RE: Cisco router is running very slow when SSh is implmented
I was going to suggest the use of an access class similar to access lists... applied to the vty lines ... but thanks for the transport input line! also - file under "related info" - it is my understanding that if we did make a simple ACL applied to all incoming traffic blocking telnet on S0/0 for example that outbound telnet from all boxes on the LAN would be blocked as well; as there 'responses' would get dropped at the router ... hence the use of access classes ... Regarding the slow SSH ... have you run a sniffer on that segment to watch the packets, and see if there is some disagreement between your router and TACACS+ server ... or see if the TACACS_ server itself is causing the delay ... ? Thanks! TJ -Original Message- From: Sean Young [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 27, 2001 14:58 To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Curtis, Thanks for the tip. However, I just figure out. The solution is: line vty 0 4 transport input ssh That effectively shut off telnet. Sean From: Curtis Call [EMAIL PROTECTED] To: "Sean Young" [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 09:37:49 -0700 Why not try to throw an access list on it that blocks the incoming telnet port? I submit that I haven't read the document either so that might be a stupid suggestion :-) At 09:16 AM 3/27/01, you wrote: Hope I am not offending you but did you read the document before giving me advice or do you just give it out of the blue? If I "no login" under vty then users will NOT be able to SSH to the router period. Any more ideas? Sean From: "Mask Of Zorro" [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 11:04:33 -0500 Enter a "no login" under the vty config and that will disable telnet authentication, effectively shutting off telnet... From: "Sean Young" [EMAIL PROTECTED] Reply-To: "Sean Young" [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 10:38:38 -0500 This is my configuration line con 0 logging synchronous login authentication usetacacs transport input lat pad v120 lapb-ta mop telnet rlogin udptn nasi ssh line aux 0 line vty 0 4 exec-timeout 0 0 authorization commands 1 usetacacs1 login authentication usetacacs ! even when I set the "exec-timeout 0 0", I still can telnet to the router which is something I would like to avoid. I only want ssh to work. By the way, I use TACACS+ to authenticate users. Anymore ideas? Sean From: "John Neiberger" [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 08:20:26 -0700 I don't know about the performance issue, that sounds like a "feature" since a 3640 shouldn't have much trouble handling that. As far as disabling telnet, the only way I know of is not to set a vty password. While not disabling the telnet server, it will prevent any attempts to telnet to the router. John "Sean Young" [EMAIL PROTECTED] 3/27/01 7:58:37 AM Hi everyone, Is it just me or anyone in the group experiencing the same thing? I've implemented SSH features on one of our ACCESS servers and I notice that it is very slow. The access server is a Cisco 3640 with 128MB RAM. I notice the performance is quited slow even on a Fast Ethernet LAN. I don't have any performance issues with Unix servers. Another thing, now that I have SSH running on the access server, how can I turn off telnet completely on the router? I check Cisco website but didn't see any solutions for it. Any ideas? Thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, a
Cisco router is running very slow when SSh is implmented
Hi everyone, Is it just me or anyone in the group experiencing the same thing? I've implemented SSH features on one of our ACCESS servers and I notice that it is very slow. The access server is a Cisco 3640 with 128MB RAM. I notice the performance is quited slow even on a Fast Ethernet LAN. I don't have any performance issues with Unix servers. Another thing, now that I have SSH running on the access server, how can I turn off telnet completely on the router? I check Cisco website but didn't see any solutions for it. Any ideas? Thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco router is running very slow when SSh is implmented
This is my configuration line con 0 logging synchronous login authentication usetacacs transport input lat pad v120 lapb-ta mop telnet rlogin udptn nasi ssh line aux 0 line vty 0 4 exec-timeout 0 0 authorization commands 1 usetacacs1 login authentication usetacacs ! even when I set the "exec-timeout 0 0", I still can telnet to the router which is something I would like to avoid. I only want ssh to work. By the way, I use TACACS+ to authenticate users. Anymore ideas? Sean From: "John Neiberger" [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 08:20:26 -0700 I don't know about the performance issue, that sounds like a "feature" since a 3640 shouldn't have much trouble handling that. As far as disabling telnet, the only way I know of is not to set a vty password. While not disabling the telnet server, it will prevent any attempts to telnet to the router. John "Sean Young" [EMAIL PROTECTED] 3/27/01 7:58:37 AM Hi everyone, Is it just me or anyone in the group experiencing the same thing? I've implemented SSH features on one of our ACCESS servers and I notice that it is very slow. The access server is a Cisco 3640 with 128MB RAM. I notice the performance is quited slow even on a Fast Ethernet LAN. I don't have any performance issues with Unix servers. Another thing, now that I have SSH running on the access server, how can I turn off telnet completely on the router? I check Cisco website but didn't see any solutions for it. Any ideas? Thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco router is running very slow when SSh is implmented
Enter a "no login" under the vty config and that will disable telnet authentication, effectively shutting off telnet... From: "Sean Young" [EMAIL PROTECTED] Reply-To: "Sean Young" [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 10:38:38 -0500 This is my configuration line con 0 logging synchronous login authentication usetacacs transport input lat pad v120 lapb-ta mop telnet rlogin udptn nasi ssh line aux 0 line vty 0 4 exec-timeout 0 0 authorization commands 1 usetacacs1 login authentication usetacacs ! even when I set the "exec-timeout 0 0", I still can telnet to the router which is something I would like to avoid. I only want ssh to work. By the way, I use TACACS+ to authenticate users. Anymore ideas? Sean From: "John Neiberger" [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 08:20:26 -0700 I don't know about the performance issue, that sounds like a "feature" since a 3640 shouldn't have much trouble handling that. As far as disabling telnet, the only way I know of is not to set a vty password. While not disabling the telnet server, it will prevent any attempts to telnet to the router. John "Sean Young" [EMAIL PROTECTED] 3/27/01 7:58:37 AM Hi everyone, Is it just me or anyone in the group experiencing the same thing? I've implemented SSH features on one of our ACCESS servers and I notice that it is very slow. The access server is a Cisco 3640 with 128MB RAM. I notice the performance is quited slow even on a Fast Ethernet LAN. I don't have any performance issues with Unix servers. Another thing, now that I have SSH running on the access server, how can I turn off telnet completely on the router? I check Cisco website but didn't see any solutions for it. Any ideas? Thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco router is running very slow when SSh is implmented
Hmm...it looks like the presence of the login and authorization commands is fulfilling the requirement for a password to be configured on those lines. Ok, I'll go back to pondering then. Could you add an access list to block incoming traffic to port 23? That might accomplish the same goal. There must be another way, though. I'll let you know if I think of something. John "Sean Young" [EMAIL PROTECTED] 3/27/01 8:38:38 AM This is my configuration line con 0 logging synchronous login authentication usetacacs transport input lat pad v120 lapb-ta mop telnet rlogin udptn nasi ssh line aux 0 line vty 0 4 exec-timeout 0 0 authorization commands 1 usetacacs1 login authentication usetacacs ! even when I set the "exec-timeout 0 0", I still can telnet to the router which is something I would like to avoid. I only want ssh to work. By the way, I use TACACS+ to authenticate users. Anymore ideas? Sean From: "John Neiberger" [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 08:20:26 -0700 I don't know about the performance issue, that sounds like a "feature" since a 3640 shouldn't have much trouble handling that. As far as disabling telnet, the only way I know of is not to set a vty password. While not disabling the telnet server, it will prevent any attempts to telnet to the router. John "Sean Young" [EMAIL PROTECTED] 3/27/01 7:58:37 AM Hi everyone, Is it just me or anyone in the group experiencing the same thing? I've implemented SSH features on one of our ACCESS servers and I notice that it is very slow. The access server is a Cisco 3640 with 128MB RAM. I notice the performance is quited slow even on a Fast Ethernet LAN. I don't have any performance issues with Unix servers. Another thing, now that I have SSH running on the access server, how can I turn off telnet completely on the router? I check Cisco website but didn't see any solutions for it. Any ideas? Thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco router is running very slow when SSh is implmented
Hope I am not offending you but did you read the document before giving me advice or do you just give it out of the blue? If I "no login" under vty then users will NOT be able to SSH to the router period. Any more ideas? Sean From: "Mask Of Zorro" [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 11:04:33 -0500 Enter a "no login" under the vty config and that will disable telnet authentication, effectively shutting off telnet... From: "Sean Young" [EMAIL PROTECTED] Reply-To: "Sean Young" [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 10:38:38 -0500 This is my configuration line con 0 logging synchronous login authentication usetacacs transport input lat pad v120 lapb-ta mop telnet rlogin udptn nasi ssh line aux 0 line vty 0 4 exec-timeout 0 0 authorization commands 1 usetacacs1 login authentication usetacacs ! even when I set the "exec-timeout 0 0", I still can telnet to the router which is something I would like to avoid. I only want ssh to work. By the way, I use TACACS+ to authenticate users. Anymore ideas? Sean From: "John Neiberger" [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 08:20:26 -0700 I don't know about the performance issue, that sounds like a "feature" since a 3640 shouldn't have much trouble handling that. As far as disabling telnet, the only way I know of is not to set a vty password. While not disabling the telnet server, it will prevent any attempts to telnet to the router. John "Sean Young" [EMAIL PROTECTED] 3/27/01 7:58:37 AM Hi everyone, Is it just me or anyone in the group experiencing the same thing? I've implemented SSH features on one of our ACCESS servers and I notice that it is very slow. The access server is a Cisco 3640 with 128MB RAM. I notice the performance is quited slow even on a Fast Ethernet LAN. I don't have any performance issues with Unix servers. Another thing, now that I have SSH running on the access server, how can I turn off telnet completely on the router? I check Cisco website but didn't see any solutions for it. Any ideas? Thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco router is running very slow when SSh is implmented
Sean - try a show proc cpu and see what's going on... it will give you an indication of what's going on inside the router. If it isn't a cpu problem, then you'll have to look at the interface(s) and see if the performance hit is happening there. (in other words, you'll have to isolate the problem - it MIGHT be the router, but it also might NOT) pay special attention to any of the processes that deal with ssh - the exec may also play some part in this performance degradation Keep looking to turn off telnet... and I'll ask my network operations engineers how they did it (probably an inbound access list denying port 23 traffic and allowing SSH traffic applied to the vty's... that would be my guess without looking any research...) - Original Message - From: John Neiberger [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, March 27, 2001 7:20 AM Subject: Re: Cisco router is running very slow when SSh is implmented I don't know about the performance issue, that sounds like a "feature" since a 3640 shouldn't have much trouble handling that. As far as disabling telnet, the only way I know of is not to set a vty password. While not disabling the telnet server, it will prevent any attempts to telnet to the router. John "Sean Young" [EMAIL PROTECTED] 3/27/01 7:58:37 AM Hi everyone, Is it just me or anyone in the group experiencing the same thing? I've implemented SSH features on one of our ACCESS servers and I notice that it is very slow. The access server is a Cisco 3640 with 128MB RAM. I notice the performance is quited slow even on a Fast Ethernet LAN. I don't have any performance issues with Unix servers. Another thing, now that I have SSH running on the access server, how can I turn off telnet completely on the router? I check Cisco website but didn't see any solutions for it. Any ideas? Thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco router is running very slow when SSh is implmented
Why not try to throw an access list on it that blocks the incoming telnet port? I submit that I haven't read the document either so that might be a stupid suggestion :-) At 09:16 AM 3/27/01, you wrote: Hope I am not offending you but did you read the document before giving me advice or do you just give it out of the blue? If I "no login" under vty then users will NOT be able to SSH to the router period. Any more ideas? Sean From: "Mask Of Zorro" [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 11:04:33 -0500 Enter a "no login" under the vty config and that will disable telnet authentication, effectively shutting off telnet... From: "Sean Young" [EMAIL PROTECTED] Reply-To: "Sean Young" [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 10:38:38 -0500 This is my configuration line con 0 logging synchronous login authentication usetacacs transport input lat pad v120 lapb-ta mop telnet rlogin udptn nasi ssh line aux 0 line vty 0 4 exec-timeout 0 0 authorization commands 1 usetacacs1 login authentication usetacacs ! even when I set the "exec-timeout 0 0", I still can telnet to the router which is something I would like to avoid. I only want ssh to work. By the way, I use TACACS+ to authenticate users. Anymore ideas? Sean From: "John Neiberger" [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 08:20:26 -0700 I don't know about the performance issue, that sounds like a "feature" since a 3640 shouldn't have much trouble handling that. As far as disabling telnet, the only way I know of is not to set a vty password. While not disabling the telnet server, it will prevent any attempts to telnet to the router. John "Sean Young" [EMAIL PROTECTED] 3/27/01 7:58:37 AM Hi everyone, Is it just me or anyone in the group experiencing the same thing? I've implemented SSH features on one of our ACCESS servers and I notice that it is very slow. The access server is a Cisco 3640 with 128MB RAM. I notice the performance is quited slow even on a Fast Ethernet LAN. I don't have any performance issues with Unix servers. Another thing, now that I have SSH running on the access server, how can I turn off telnet completely on the router? I check Cisco website but didn't see any solutions for it. Any ideas? Thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco router is running very slow when SSh is implmented
EA. Thanks for the tip. The access server is residing on the test network with only 3 devices (TACACS, access server and a windows client) so I don't think there are any problems as far as the performance is concern. I also check the process on the router and SSH and TACACS are not using that much resources there. I prefer not to use access-list so if you come up with any new tips, I would be glad to test them out. Regards, Sean From: "EA Louie" [EMAIL PROTECTED] To: "John Neiberger" [EMAIL PROTECTED], [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 08:20:21 -0800 Sean - try a show proc cpu and see what's going on... it will give you an indication of what's going on inside the router. If it isn't a cpu problem, then you'll have to look at the interface(s) and see if the performance hit is happening there. (in other words, you'll have to isolate the problem - it MIGHT be the router, but it also might NOT) pay special attention to any of the processes that deal with ssh - the exec may also play some part in this performance degradation Keep looking to turn off telnet... and I'll ask my network operations engineers how they did it (probably an inbound access list denying port 23 traffic and allowing SSH traffic applied to the vty's... that would be my guess without looking any research...) - Original Message - From: John Neiberger [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, March 27, 2001 7:20 AM Subject: Re: Cisco router is running very slow when SSh is implmented I don't know about the performance issue, that sounds like a "feature" since a 3640 shouldn't have much trouble handling that. As far as disabling telnet, the only way I know of is not to set a vty password. While not disabling the telnet server, it will prevent any attempts to telnet to the router. John "Sean Young" [EMAIL PROTECTED] 3/27/01 7:58:37 AM Hi everyone, Is it just me or anyone in the group experiencing the same thing? I've implemented SSH features on one of our ACCESS servers and I notice that it is very slow. The access server is a Cisco 3640 with 128MB RAM. I notice the performance is quited slow even on a Fast Ethernet LAN. I don't have any performance issues with Unix servers. Another thing, now that I have SSH running on the access server, how can I turn off telnet completely on the router? I check Cisco website but didn't see any solutions for it. Any ideas? Thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco router is running very slow when SSh is implmented
How about just transport input ssh? -Jarrett _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco router is running very slow when SSh is implmented
Curtis, Thanks for the tip. However, I just figure out. The solution is: line vty 0 4 transport input ssh That effectively shut off telnet. Sean From: Curtis Call [EMAIL PROTECTED] To: "Sean Young" [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 09:37:49 -0700 Why not try to throw an access list on it that blocks the incoming telnet port? I submit that I haven't read the document either so that might be a stupid suggestion :-) At 09:16 AM 3/27/01, you wrote: Hope I am not offending you but did you read the document before giving me advice or do you just give it out of the blue? If I "no login" under vty then users will NOT be able to SSH to the router period. Any more ideas? Sean From: "Mask Of Zorro" [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 11:04:33 -0500 Enter a "no login" under the vty config and that will disable telnet authentication, effectively shutting off telnet... From: "Sean Young" [EMAIL PROTECTED] Reply-To: "Sean Young" [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 10:38:38 -0500 This is my configuration line con 0 logging synchronous login authentication usetacacs transport input lat pad v120 lapb-ta mop telnet rlogin udptn nasi ssh line aux 0 line vty 0 4 exec-timeout 0 0 authorization commands 1 usetacacs1 login authentication usetacacs ! even when I set the "exec-timeout 0 0", I still can telnet to the router which is something I would like to avoid. I only want ssh to work. By the way, I use TACACS+ to authenticate users. Anymore ideas? Sean From: "John Neiberger" [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Cisco router is running very slow when SSh is implmented Date: Tue, 27 Mar 2001 08:20:26 -0700 I don't know about the performance issue, that sounds like a "feature" since a 3640 shouldn't have much trouble handling that. As far as disabling telnet, the only way I know of is not to set a vty password. While not disabling the telnet server, it will prevent any attempts to telnet to the router. John "Sean Young" [EMAIL PROTECTED] 3/27/01 7:58:37 AM Hi everyone, Is it just me or anyone in the group experiencing the same thing? I've implemented SSH features on one of our ACCESS servers and I notice that it is very slow. The access server is a Cisco 3640 with 128MB RAM. I notice the performance is quited slow even on a Fast Ethernet LAN. I don't have any performance issues with Unix servers. Another thing, now that I have SSH running on the access server, how can I turn off telnet completely on the router? I check Cisco website but didn't see any solutions for it. Any ideas? Thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]