Set ‘transport input ssh’ for ‘line vty’ connections

Details

Selects the Secure Shell (SSH) protocol.

Rationale:

Configuring VTY access control restricts remote access to only those authorized to manage the device and prevents unauthorized users from accessing the system.

Impact:

To reduce risk of unauthorized access, organizations should require all VTY management line protocols to be limited to ssh.

Solution

Apply SSH to transport input on all VTY management lines

hostname(config)#line vty
hostname(config-line)#transport input ssh

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/3160

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Cisco.

References

800-53|IA-2(1)
CSCv6|3.4
CSCv7|4.5

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles