Monday, March 10, 2014

Brocade Switch: How To Configure SSH And Disable Telnet On The FCX and ICX Series Switches

I personally think it's a good idea, from a security standpoint, to enable SSH and to disable telnet. Why? Because passwords sent over a telnet session are in clear text, whereas with SSH, they are encrypted. Don't believe that telnet is not secure? Take a look at this post I did some time back.

I have to tell you that I thought about this after I read one of Javier's posts at his blog.  It was a reminder of what I already knew, but he shows you how to enable SSH as well, and I thought about the security aspects of this and about how many attacks actually come from the inside of the network.  It was this post:  Enabling SSH on the ICX6610.  Check out Javier's blog.

So how do you enable SSH and disable telnet on a Brocade switch? I'll show you the config:
ENABLING SSH AND A USERNAME
Switch#config t
Switch(config)#crypto key generate rsa
Switch(config)#username shanekillen pri 0 password passphrase
Switch(config)#aaa authentication login default local

DISABLING TELNET
Switch(config)#no telnet server
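
An added example, not part of the original post: a small Python check that a saved copy of the switch configuration still has telnet turned off and a usable local login behind SSH. It assumes the saved configuration lists each statement in the form typed above; the sample configurations and the `audit` function name are constructed for illustration, and SSH key generation is not checked because no assumption is made about how the key appears in a saved configuration.

```python
import re

# Constructed sample configurations (not captured from a real switch).
# Assumption: a saved configuration lists each statement as it was typed.
HARDENED = """\
username shanekillen pri 0 password passphrase
aaa authentication login default local
no telnet server
"""
TELNET_LEFT_ON = """\
username shanekillen pri 0 password passphrase
aaa authentication login default local
"""

USER_RE = re.compile(r"^username\s+\S+\s+(?:.*\s)?password\s+\S+")
TELNET_RE = re.compile(r"^(no\s+)?telnet\s+server$")
AAA_PREFIX = "aaa authentication login default"


def audit(config_text):
    """Return a list of findings; an empty list means every check passed."""
    lines = [ln.strip() for ln in config_text.splitlines()]
    lines = [ln for ln in lines if ln and not ln.startswith("!")]
    findings = []

    # The last telnet statement wins; no statement at all is treated as
    # "not disabled", since the post turns the server off explicitly.
    telnet = [m for m in map(TELNET_RE.match, lines) if m]
    if not telnet or telnet[-1].group(1) is None:
        findings.append("telnet: 'no telnet server' is not in effect")

    aaa = [ln for ln in lines if ln.startswith(AAA_PREFIX)]
    methods = aaa[-1][len(AAA_PREFIX):].split() if aaa else []
    if not methods:
        findings.append("aaa: no default login authentication method list")

    # 'local' authentication needs at least one username with a password,
    # otherwise the SSH login has nothing to check against.
    if "local" in methods and not any(USER_RE.match(ln) for ln in lines):
        findings.append("user: 'local' login selected but no username has a password")
    return findings


if __name__ == "__main__":
    for name, text in (("hardened", HARDENED), ("telnet left on", TELNET_LEFT_ON)):
        print(name, "->", audit(text) or "OK")
```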

14 comments:

  1. I seem to keep finding myself on your site! This is exactly what I was looking for, gets right to the point. Thanks for your testimony through this blog and wanting to help out others. Now if they would all just repent and believe!

    /jerry

    1. Hey Jerry. I hope you are doing well. I appreciate the kind words. That's really kind of the whole point to this blog for me. To help others on a technical basis (and myself, since I also refer to it) and to tell others the good news of the gospel. Jesus did a wonderful thing for us. Everyone needs to at least know about it, right? :)

    2. And you know this about Jesus how? The most regarded authority on this is the KJ bible. With its numerous contradictions and obvious false holds including the narrative on Jesus' crucifixion and stating that the earth is flat, surely you can't consider that reliable

    3. Man, you obviously don't know much about the Bible. You make that very obvious in what you say. You also think that the kj version is the most regarded, which again is false. And you think the Bible says the world is flat, which again, it says it's round. I really can't take you seriously at all. But thanks for showing your true ignorance, even though you do it anonymously.

  2. This is also what I am looking for. Great answer and get to the point. Thank you for sharing.

  3. Well well ... looking up some stuff for our Brocade and I run across this. Shane Killen. Thanks for the quick tip and keep spreading the word. :)

  4. Dude your blog saved my life! I'm a young network student trying to make it in this field. I'm pretty confident even though a majority of my learning is on the job and mainly related to testing network devices for functionality. Anyways, I will reach out some day so hopefully you won't up and quit your blog someday. I was tasked with making sure a switch was enabled for SSH, and I was missing the final command. THANKS AGAIN MAN!!

  5. Thank you for sharing this. Was faster to google how to and find your info than it was to find it on the brocade portal.

    peace.

  6. I found this useful after a lot of work. The commands are dead on for the Brocade, but coming from a Cisco world, the set up in Microsoft Server NPS should be addressed. Brocade uses PAP, while Cisco can use the encrypted versions like CHAP. I personally would never use PAP if there was an option of CHAP or above, and I did not enable PAP in NPS as an option for the Brocade network policy. I could not figure out why I would not authenticate to the Brocade devices until I dug into the NPS logs and saw that an unsupported authentication method was being used, check the PAP box in the network policy, and behold, it worked. I hope that this helps some others.

  7. This is great! Straight to the point. You can't even see this concise on Brocade docs

  8. Best thing about this blog is the solution is always straight to the point, no extra unwanted stuff.
    It saves me many times.
    Keep up the great work.

  9. 8 years later and still helps when digging out this old bs switch for an emergency! (I just don't like brocades)
