Enable SSH on Netgear GS728TP

When I got the GS728TP I was fairly surprised that Netgear claimed the only way to configure it was through their web management interface.  While the web interface is fine for basic configuration, it is slow and freezes if you don’t let the page load completely before clicking. I was not satisfied with this being the only configuration option and luckily found an alternative.

  1. Enable Telnet
    In the manual, Netgear mentions that you can enable telnet “for diagnostic purposes.” To do this, go to Maintenance > Troubleshooting > Remote Diagnostics.
  2. Login
    Once you have telnet enabled, connect to it using your favorite telnet client. (Putty works great on Windows). The password is whatever you use to login to the web interface.
    Username: admin
    Password: <web interface password> (default: password)
  3. Enter Configuration Mode
    Once you are logged in, you will be at a command prompt with the name of your switch followed by # symbol.
    Type config to enter configuration mode.
  4. Enable SSH
    Type ip ssh server to enable ssh access. When you press enter, it will save the configuration immediately, and you will see something like
    27-Jan-2016 16:16:41 %COPY-N-LOGGINGFILECOPYSTOP: stop log messages related to file copy operations
    27-Jan-2016 16:16:43 %COPY-N-LOGGINGFILECOPY: start log messages related to file copy operations

    Wait for this to finish before issuing another command.
  5. Enable Password Auth
    Next, enable password authentication by typing ip ssh password-auth. Again, you will see messages while it saves the configuration.
  6. Change SSH Port (optional)
    You can optionally change the SSH port by typing ip ssh port <port number>.
  7. Change SSH Timeout
    You can view and change the SSH timeout (as well as other options) from the command line. Enter config mode and then type line ssh. The prompt will now show (config-line)#. Type do show line ssh to view the current configuration, and you’ll see that by default the SSH timeout is 10 minutes. You can increase it to 60 minutes with exec-timeout 60.

If you want to setup public key authentication, you can try following this guide I found. I have not verified that this works on the GS728TP, but I suspect that it would.

This entry was posted in WPPC Networking Project and tagged , , . Bookmark the permalink.

10 Responses to Enable SSH on Netgear GS728TP

  1. Brian Matice says:

    I have this same model switch. It does not have the “Remote Diagnostics” option on the troubleshooting page. Is it possible that they removed it from the latest software version?

    • Hans Guthrie says:

      Brian,

      That’s interesting. So you don’t see the Remote Diagnostics in the left sidebar? (See here)

      What firmware version are you running? I am running the current version (6.0.1.18), and I know the option is there on mine because a few months ago I had to replace the switch under warranty. To reconfigure the replacement, I just re-enabled telnet (then SSH), and programming it over SSH.

      • Peter Russell says:

        My switch also doesn’t have this option – but it turns out that the Telnet server was already running on port 60000.

  2. Stefan Ross says:

    Thanks, this was very helpful!

  3. Mano says:

    Hi, Thanks for the tip! I got SSH running using your tips. I’d like to send commands to the switch using a script and I’ve tried the instructions you linked to get a public key installed onto the switch. Unfortunately it fails to execute this line:
    copy tftp://131.211.80.9/netgear/netgear-ics-04-dsa.key nvram:sshkey-dsa
    (Obviously with my own TFTP server IP and switch name)
    It fails with:
    Source And Destination URL combination is not supported

    Any idea how to get the generated key over to the switch?

  4. Pingback: Configure SNMPv3 on Netgear GS728TP - Sysadmin RamblingsSysadmin Ramblings

  5. Mid Star says:

    An impressive share! I’ve just forwarded this onto a colleague
    who was doing a little homework on this. And he actually
    bought me dinner due to the fact that I stumbled
    upon it for him… lol. So let me reword this…. Thank YOU
    for the meal!! But yeah, thanx for spending time to discuss this
    issue here on your internet site.

  6. Roku says:

    I have been working on a Cisco 2600 with an internal CSU/DSU. I am a little lost. This blog has helped a little bit. However, would you have some time to contact me with some help? dan@iremedy.net

  7. Carlos says:

    Rock star – this is brilliant and thank you!! It allowed me to configure sflow which isnt on the menu options…..
    Just two questions:
    Are the SSH settings persistent after reboot
    Do you think the sflow settings will be persistent after reboot

  8. Hans Guthrie says:

    Carlos, the SSH settings are persistent. I do not know about sflow, but I suspect any changes would be persistent. Let me know what you find out.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.