Console Port: Logout on Disconnect

Routers and switches require physical security. This is not a new concept.

ut here’s something you may not have thought about: The console port. If someone has access to the console port of your switch or router, they can cause all sorts of trouble.

 

But what can they do? They still need a password to logon to the console right? RIGHT?!?

Maybe not…

 

Think of this scenario. You’ve been working on a switch through the console port. You connected your cable, logged in, and completed your work.

What do you do next? Remove the console cable and walk away…

And there’s the problem. You’re still logged in…

 

Anyone can now walk up to your switch and connect a console cable, and they’re logged in as you.

Scary right?

Of course this may not be a big threat if your devices are locked away in server rooms and cabinets, but we know that’s not always the case.

 

How can we mitigate this?

Easy.

set system ports console log-out-on-disconnect

 

With this command, if you forget to log out, your switch will log you out automatically when the console cable is removed.

Stay safe! 

 

Leave a Reply