Security

Reply
Frequent Contributor I
Posts: 68
Registered: ‎12-14-2012

Disable all SSH access to the controller

I am looking for a way to block SSH access to the controller, Any Ports and Any IP addresses.  Basically I want only console access to the Hard Console port on the controller.

 

What option is the simplest?  and most reliable ?

MVP
Posts: 1,408
Registered: ‎05-28-2008

Re: Disable all SSH access to the controller

[ Edited ]

Wired port ACL + PEFNG will do the job for u , with the right config. :smileywink:

 

Make the ports as untrusted and then all the access roles you configrued in the wired access role will be applied.

 

From the WebUI:
Advanced Services > Wired Access > from the drop-down menu, select the aaa profile that has the initial role the blocking ssh and giving other needed services.

 

Another  truly secure method is to not expose your controller on port 22 on the internet. You can also use public key cryptography as a login to the controller or a long and secure username and password.

 

hope it gave u some idea.

 

me

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Frequent Contributor I
Posts: 68
Registered: ‎12-14-2012

Re: Disable all SSH access to the controller

I was thinking that one could apply the "svc-ssh deny" rule to all roles and this would effectivly block it over wireless as well

 

is there any way to apply it globally?

Search Airheads
Showing results for 
Search instead for 
Did you mean: