While changing the password on Cisco Aironet 2800 controller over web-based management interface, it will update the password for the web interface and SSH login of the controller. However, it will not update the SSH login on every access points. This post provides a solution to change the SSH login for all the access points.
Assuming we have multiple AP, with IP address below
- AP1 – 192.168.0.11
- AP2 – 192.168.0.12
- AP3 – 192.168.0.13
and one of them will become the controller, with IP address 192.168.0.10
Connect to the controller via SSH.
$ ssh controller-admin@192.168.0.10 (Cisco Controller) User: controller-admin Password:CONTROLLER-PASSWORD Welcome to the Cisco Mobility Express command line interface. Only commands which are listed in the command reference guide for this release are supported. http://www.cisco.com/c/en/us/support/wireless/mobility-express/products-command-reference-list.html (Cisco Controller) >
Command show mgmtuser will list the user on the controller, not SSH login for each APs.
(Cisco Controller) >show mgmtuser User Name Permissions Description Password Strength Telnet Capable ----------------------- ------------ --------------------- ------------------ ---------- controller-admin read-write Strong Yes
Use the following command to change the SSH login for all APs. This will not change the controller login.
(Cisco Controller) >config ap mgmtuser add username SSH-ADMIN password SSH-PASSWORD secret SSH-ENABLE-SECRET all (Cisco Controller) >
Save and logout.
(Cisco Controller) >logout The system has unsaved changes. Would you like to save them now? (y/N) y Connection to 192.168.0.10 closed. $
Now you can login individual AP with the updated password.
$ ssh SSH-ADMIN@192.168.0.11 sshadmin@192.168.0.11's password: SSH-PASSWORD AP1>en Password: SSH-ENABLE-SECRET AP1#exit Connection to 192.168.0.11 closed. $
References
- Cisco Wireless Controller Configuration Guide, Release 8.5 – Managing APs – “Configuring Global Credentials for Access Points” section
Tested on Cisco Aironet 2800 software 8.5.131.0