Cisco phone ssh commands

IPT Buzz

Saturday, September 17, 2011

How to SSH into a Cisco IP Phone

Here are the steps to let you SSH into a Cisco IP Phone. In this example, the phone model is a 7961.

On the phone’s device page in ccmadmin, scroll down to the Secure Shell Information section and type in a username and password for the Secure Shell User and Secure Shell Password. I simply used cisco and cisco.

Then, scroll down to the bottom and set the SSH Access drop-down box to Enabled. Don’t forget to Save and Apply Config.

Scroll back up to the top of the page and get the phone’s IP address.

Open an SSH session to the phone’s IP address. You will probably get a typical key message window that you will have to accept.

You will then be prompted for another login and pasword from within your SSH session window. Enter default for the login and user for the password and press enter. You should then be at a $ dollar sign prompt.

Now that you are in, let’s see what you can do!


IT заметки на полях

Полезные заметки о IT

Cisco 7941 ssh доступ

ssh roo@ip password — cisco login: default password: user

SIP Phone> clear

Clears the following, depending on keywords used:
arp—Clears the Address Resolution Protocol (ARP) cache.
ethernet—Clears the network statistics.
ip—Clears the IP statistics.
malloc—Clears the memory allocation table.
tcp-stats—Clears the TCP statistics.

SIP Phone> debug

Shows detailed debug output when used with the following keywords:
arp—Shows debug output for the ARP cache.
console-stall—Shows debug output for the console-stall driver output mode.
strlib—Shows debug output for the string library.
malloc—Shows debug output for memory allocation.
malloc-table—Enables the population of the memory allocation table. The table can be viewed with the show malloc-table command.
sk-platform—Shows debug output for the platform.
flash—Shows debug output for the Flash memory.
dsp—Shows debug output for DSP accesses.
vcm—Shows debug output for the voice channel manager (VCM), including tones, ringing, and volume.
dtmf—Shows debug output for DTMF relay.
task-socket—Shows socket task debug output.
lsm—Shows debug output for the Line State Manager.
fsm—Shows debug output for the Feature State Manager.
auth—Shows debug output for the SIP authorization state machine.
fim—Shows debug output for the Feature Interaction Manager.
gsm—Shows debug output for the Global State Manager.
cc—Shows debug output for call control.
cc-msg—Shows debug output for the call control messages.
error—Shows general error debug output.
sip-task—Shows debug output for the SIP task.
sip-state—Shows debug output for the SIP state machine.
sip-messages—Shows debug output for SIP messaging.
sip-reg-state—Shows debug output for the SIP registration state machine.
dns—Shows the DNS command-line interface (CLI) configuration; allows you to clear the cache and set servers.
config—Shows output for the config system command.
sntp—Shows debug output for Simple Network Time Protocol (SNTP).
sntp-packet—Displays full SNTP packet data.
http—Shows HTTP requests and responses.
arp-broadcast—Shows ARP broadcast messages.
xml-events—Shows XML events that are posted to the XML application chain.
xml-deck—Shows XML requests for XML cards and decks.
xml-vars—Shows XML content variables.
xml-post—Shows XML post strings.

Manipulates the DNS system. The following arguments are used:
-p—Prints out the DNS cache table.
-c—Clears out the DNS cache table.
-s ip-address—Sets the primary DNS server.
•-b ip-address—Sets the first backup server.

SIP Phone> erase protflash
Erases the protocol area of Flash memory. Forces the phone to reset its IP stack and request its configuration files again. This command can be used only if the telnet_level parameter is set to allow privileged commands to be executed.

Читайте также:  Какая краска на принтер brother t310

SIP Phone> exit Exits the Telnet or console session.

SIP Phone> ping ip-address number packet-size timeout
Sends an Internet Control Message Protocol (ICMP) ping to a network address. You can use a dotted IP address or an alphanumeric address. The number argument specifies how many pings to send; the default value is 5. The packetsize argument defines the size of the packet; you can send any size packet up to 1480 bytes and the default packet size is 100. The timeout argument is measured in seconds and identifies how long to wait before the request times out; the default is 2.

SIP Phone> register

Instructs the Cisco SIP IP phone to register with the proxy server. The keywords and argument are as follows:

option value—Specifies each line as registered or not. Valid entries are 0 (unregistered) and 1 (registered).

line value—Registers the number of lines or specifies a backup proxy. The valid values are from 1 to 6 and backup. For example, if you input register 0 backup, the phone will register to the backup proxy.

SIP Phone> reset

Resets the phone line. This command can be used only if the telnet_level parameter is set to allow privileged commands to be executed.

Shows information about the SIP IP phone. The following keywords are used:
arp—Displays contents of the ARP cache.
debug—Shows which debug modes are activated.
ethernet—Shows the network statistics.
ip—Displays the IP packet statistics.
strpool—Shows the string library pool of strings. This command can be used only if the telnet_level parameter is set to allow privileged commands to be executed.
memorymap—Shows the memory mapping table, including free, used, and wasted blocks.
dump—Displays a dump of the memory contents. This command can be used only if the telnet_level parameter is set to allow privileged commands to be executed.
malloctable—Shows the memory allocation table.
stacks—Shows tasks and buffer lists.
status—Shows the current phone status, including errors.
abort_vector—Shows the address of the last recorded abort vector.
flash—Shows Flash memory information.
dspstate—Shows the DSP status, including whether the DSP is ready, the audio mode, whether keepalive pending is turned on, and the ringer state.
rtp—Shows packet statistics for the RTP streams.
tcp—Shows the status of TCP ports, including the state (listen or closed) and the port number.
lsm—Shows the current status of the Line Manager control blocks.
fsm—Shows the current status of the Feature State function control blocks.
•fsmdef—Shows the current status of the default Feature State Manager data control blocks.
fsmcnf—Shows the current status of the Conference Feature State Manager call control blocks.
fsmxfr—Shows the current status of the Transfer Feature State Manager transfer control blocks.
fim—Shows the current status of the Feature Interaction Manager control blocks (interface control blocks and state control blocks).
gsm—Turns on debugging for vcm, lsm, fim, fsm, and gsm.
register—Shows the current registration status of SIP lines.
network—Shows network information, such as phone platform, DHCP server, phone IP address and subnet mask, default gateway, address of the TFTP server, phone MAC address, domain name, and phone name.
config—Shows the current Flash configuration, including network information, phone label and password, SNTP server address, DST information, time and date format, and input and output port numbers.
personaldir—Displays the current contents of the personal directory. This command can be used only if the telnet_level parameter is set to allow privileged commands to be executed.
dialplan—Shows the phone dial plan.
timers—Shows the current status of the platform timers.

Accesses the remote call test interface, allowing you to control the phone from a remote site. To use this feature, enter the test open command. To prevent use of this feature, enter the test close command. This command can be used only if the telnet_level parameter is set to allow privileged commands to be executed.

The following commands are available:
•test key—When a test session is open, you can simulate key presses using the test key k1 k2 k3…k12 command, where k1 through k13 represent the following key names:
–voldn—Volume down
–volup—Volume up
–navup—Navigate up
–navdn—Navigate down

Читайте также:  Картридж мфу xerox pe114e

The keys 0 through 9, #, and * may be entered in continuous strings to better express typical dialing strings. A typical command would be test ky 23234.

test onhook—Simulates a handset onhook event.
test offhook—Simulates a handset offhook event.
test show—Shows test feedback.
test hide—Hides test feedback.

SIP Phone> tty | mon | timeout value | kill session | msg>

Controls the Telnet system. The arguments and keywords are as follows:

echo—Controls local echo.
mon—Sends all debug output to both the console and Telnet sessions.
timeout value—Sets the Telnet session timeout period based on the value. The value range is from 0 to 65535.
kill session—Tears down the Telnet session specified by the session argument.
msg—Send a message to another terminal logged into the phone; for example, you can send a message telling everyone else that is logged in to log off.

SIP Phone> traceroute ip-address [ttl]

Initiates a traceroute session from the console or from a Telnet session. Traceroute shows the route that IP datagrams follow from the SIP IP phone to the specified IP address. The arguments are as follows:
ip-address—The dotted IP address or alphanumeric address (host name) of the host to which you are sending the traceroute.
•ttl—The time-to-live value, or the number of routers (hops) through which the datagram can pass. The default value is 30.


Secure Shell Configuration Guide, Cisco IOS Release 15M&T

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Title

Secure Shell Configuration Guide, Cisco IOS Release 15M&T

SSH Terminal-Line Access

View with Adobe Reader on a variety of devices

View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone


Chapter: SSH Terminal-Line Access

SSH Terminal-Line Access

The SSH Terminal-Line Access feature provides users secure access to tty (text telephone) lines. tty allows the hearing- and speech-impaired to communicate by using a telephone to type messages.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to​go/​cfn. An account on is not required.

Prerequisites for SSH Terminal-Line Access

Download the required image to your router. The secure shell (SSH) server requires the router to have an IPSec (Data Encryption Standard (DES) or 3DES) encryption software image from Cisco IOS Release 12.1(1)T or a later release. The SSH client requires the router to have an IPSec (DES or 3DES) encryption software image from Cisco IOS Release 12.1(3)T or a later release. See the Cisco IOS Configuration Fundamentals Configuration Guide , Release 12.4T for more information on downloading a software image.

The SSH server requires the use of a username and password, which must be defined through the use of a local username and password, TACACS+, or RADIUS.


The SSH Terminal-Line Access feature is available on any image that contains SSH.

Restrictions for SSH Terminal-Line Access

Console Server Requirement

To configure secure console server access, you must define each line in its own rotary and configure SSH to use SSH over the network when user want to access each of those devices.

Memory and Performance Impact

Replacing reverse Telnet with SSH may reduce the performance of available tty lines due to the addition of encryption and decryption processing above the vty processing. (Any cryptographic mechanism uses more memory than a regular access.)

Information About SSH Terminal-Line Access

Overview of SSH Terminal-Line Access

Cisco IOS supports reverse Telnet, which allows users to Telnet through the router—via a certain port range—to connect them to tty (asynchronous) lines. Reverse Telnet has allowed users to connect to the console ports of remote devices that do not natively support Telnet. However, this method has provided very little security because all Telnet traffic goes over the network in the clear. The SSH Terminal-Line Access feature replaces reverse Telnet with SSH. This feature may be configured to use encryption to access devices on the tty lines, which provide users with connections that support strong privacy and session integrity.

SSH is an application and a protocol that provides secure replacement for the suite of Berkeley r-tools such as rsh, rlogin, and rcp. (Cisco IOS supports rlogin.) The protocol secures the sessions using standard cryptographic mechanisms, and the application can be used similarly to the Berkeley rexec and rsh tools. Currently two versions of SSH are available: SSH Version 1 and SSH Version 2. Only SSH Version 1 is implemented in the Cisco IOS software.

The SSH Terminal-Line Access feature enables users to configure their router with secure access and perform the following tasks:

Connect to a router that has multiple terminal lines connected to consoles or serial ports of other routers, switches, or devices.

Simplify connectivity to a router from anywhere by securely connecting to the terminal server on a specific line.

Allow modems attached to routers to be used for dial-out securely.

Require authentication of each of the lines through a locally defined username and password, TACACS+, or RADIUS.


The session slot command that is used to start a session with a module requires Telnet to be accepted on the virtual tty (vty) lines. When you restrict vty lines only to SSH, you cannot use the command to communicate with the modules. This applies to any Cisco IOS device where the user can telnet to a module on the device.

How to Configure SSH Terminal-Line Access

Configuring SSH Terminal-Line Access

Perform this task to configure a Cisco router to support reverse secure Telnet.


SSH must already be configured on the router.

2. configure terminal

3. line line-number [ ending-line-number ]

9. ip ssh port portnum rotary group


Command or Action Purpose
Step 1 enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 configure terminal

Enters global configuration mode.

Step 3 line line-number [ ending-line-number ]

Identifies a line for configuration and enters line configuration mode.

For router console configurations, each line must be defined in its own rotary, and SSH must be configured to listen in on each rotary.

An authentication method requiring a username and password must be configured for each line. This may be done through the use of a local username and password stored on the router, through the use of TACACS+, or through the use of RADIUS. Neither Line passwords nor the enable password are sufficient to be used with SSH.

Step 4 no exec

Disables exec processing on each of the lines.


Defines a login authentication mechanism for the lines.

The authentication method must utilize a username and password.

Step 6 rotary group

Defines a group of lines consisting of one or more lines.

All rotaries used must be defined, and each defined rotary must be used when SSH is enabled.

Defines which protocols to use to connect to a specific line of the router.

Step 8 exit

Exits line configuration mode.

Step 9 ip ssh port portnum rotary group

Enables secure network access to the tty lines.

Use this command to connect the portnum argument with the rotary group argument, which is associated with a line or group of lines.

The group argument must correspond with the rotary group number chosen in Step 6.

Verifying SSH Terminal-Line Access

To verify that this functionality is working, you can connect to a router using an SSH client.

Configuration Examples for SSH Terminal-Line Access

Example SSH Terminal-Line Access Configuration

The following example shows how to configure the SSH Terminal-Line Access feature on a modem used for dial-out on lines 1 through 200. To get any of the dial-out modems, use any SSH client and start an SSH session to port 2000 of the router to get to the next available modem from the rotary.

Example SSH Terminal-Line Access for a Console Serial Line Ports Configuration

The following example shows how to configure the SSH Terminal-Line Access feature to access the console or serial line interface of various devices. For this type of access, each line is put into its own rotary, and each rotary is used for a single port. In this example, lines 1 through 3 are used; the port (line) mappings of the configuration are shown in the table below.


Поделиться с друзьями