Filter
Top Products
3-9
Cisco ASR 1000 Series Aggregation Services Routers Software Configuration Guide
OL-16506-17
Chapter 3
Configuring Persistent SSH
Step 4
connection wait [allow {interruptible}| none
{disconnect}]
Example:
Router(config-tmap)# connection wait allow
interruptible
Specifies how a persistent SSH connection will be handled
using this transport map:
• allow—The SSH connection waits for the vty line to
become available, and exits the router if interrupted.
• allow interruptible—The SSH connection waits for
the vty line to become available, and also allows users
to enter diagnostic mode by interrupting a SSH
connection waiting for the vty line to become available.
This is the default setting.
Note Users can interrupt a waiting connection by
entering Ctrl-C or Ctrl-Shift-6.
• none—The SSH connection immediately enters
diagnostic mode.
• none disconnect—The SSH connection does not wait
for the vty line from IOS and does not enter diagnostic
mode, so all SSH connections are rejected if no vty line
is immediately available.
Step 5
rsa keypair-name rsa-keypair-name
Example:
Router(config-tmap)# rsa keypair-name sshkeys
Names the RSA keypair to be used for persistent SSH
connections.
For persistent SSH connections, the RSA keypair name
must be defined using this command in transport map
configuration mode. The RSA keypair definitions defined
elsewhere on the router, such as through the use of the ip ssh
rsa keypair-name command, do not apply to persistent
SSH connections.
No rsa-keypair-name is defined by default.
Step 6
authentication-retries number-of-retries
Example:
Router(config-tmap)# authentication-retries 4
(Optional) Specifies the number of authentication retries
before dropping the connection.
The default number-of-retries is 3.
Step 7
banner [diagnostic | wait] banner-message
Example:
Router(config-tmap)# banner diagnostic X
Enter TEXT message. End with the character
'X'.
--Welcome to Diagnostic Mode--
X
Router(config-tmap)#
(Optional) Creates a banner message that will be seen by
users entering diagnostic mode or waiting for the vty line as
a result of the persistent SSH configuration.
• diagnostic—Creates a banner message seen by users
directed into diagnostic mode as a result of the
persistent SSH configuration.
• wait—Creates a banner message seen by users waiting
for the vty line to become active.
• banner-message—The banner message, which begins
and ends with the same delimiting character.
Command or Action Purpose