Arista - lock down SSH access ?

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

MountainBofh

Beating my users into submission
Mar 9, 2024
394
288
63
I need to setup my Arista switch such that the management is available on a given vlan (in my case vlan 10). I've managed to do that by assigning an IP address to the vlan in question. I'd like to setup some sort of IP access list so that only a few trusted hosts have SSH access, but other hosts plugged into vlan 10 do NOT have access to the switch management. I've been digging around Arista's documentation but I'm a bit too stupid to figure it out. Any suggestions ?
 

MountainBofh

Beating my users into submission
Mar 9, 2024
394
288
63
Ok, figured out to create a new ACL and apply it such that SSH access is locked down. But as soon as I restart the switch it reverts back to the default ACL for the control plane. Is there a command to tell the switch to use the new ACL on startup ?
 
Last edited:

MountainBofh

Beating my users into submission
Mar 9, 2024
394
288
63
I tried a "write mem" and now it seems to remember it after a restart. Thanks again for all your help!
 
  • Like
Reactions: zunder1990