Here are the steps to let you SSH into a Cisco IP Phone. In this example, the phone model is a 7961.
On the phone's device page in ccmadmin, scroll down to the
Secure Shell Information section and type in a username and password for the
Secure Shell User and
Secure Shell Password. I simply used
cisco and
cisco.
Then, scroll down to the bottom and set the
SSH Access drop-down box to
Enabled. Don't forget to Save and Apply Config.
Scroll back up to the top of the page and get the phone's IP address.
Open an SSH session to the phone's IP address. You will probably get a typical key message window that you will have to accept.
Enter the username and password that you specified in the Secure Shell User and Secure Shell Password boxes on the phone's device page in ccmadmin.
You will then be prompted for another login and pasword from within your SSH session window. Enter
default for the login and
user for the password and press enter. You should then be at a
$ dollar sign prompt.
Now that you are in, let's see what you can do!
$ ping 10.10.10.1
ping: reply received from 10.10.10.1, time = 1ms
ping: reply received from 10.10.10.1, time = 0ms
ping: reply received from 10.10.10.1, time = 0ms
ping: reply received from 10.10.10.1, time = 0ms
ping: packets - sent = 4, received = 4, lost = 0, ( 0 %
lost )
time - total = 10 msec, avg = 2 msec/pkt
$
OK, what about the file and folder structure?
$ cd /
$ ls
bin dev flash0
home root tmp
usr
cnu etc flash1
modules sbin ubin var
$
Let's see what's in the the flash0 directory.
$ cd flash0
$ ls
Monospace.font
apps home sc-font.xml
syslog
RMS
bin local sec ubin
Unicode.font
etc modules ssh
$
How about the bin directory?
$ cd /
$ cd bin
$ ls -l
total 5983
-rwxr-xr-x 1
root sys 260 Jul 11 2005 AUTH.png
-rwxr-xr-x 1
root sys 1738 Dec 06 2006 BGRND.png
-rwxr-xr-x 1
root sys 218 Jul 11 2005 BLANK.png
-rwxr-xr-x 1
root sys 252 Jul 11 2005 DOWNL.png
-rwxr-xr-x 1 root sys 258 Jul 11 2005 ERROR.png
-rwxr-xr-x 1
root sys 250 Jul 11 2005 NETWK.png
-rwxr-xr-x 1
root sys 204 Dec 05 2006 P2P.png
-rwxr-xr-x 1
root sys 280 Jul 11 2005 WAIT.png
-rwxr-xr-x 1 root sys 225 Jul 11 2005 WRITE.png
-rwxr-xr-x 1
root sys 13188 Nov 13 2008 cat
-rwxr-xr-x 1
root sys 24496 Nov 13 2008 chmod
-rwxr-xr-x 1
root sys 23704 Nov 13 2008 chown
-rwxr-xr-x 1
root sys 5002 Jan 11 2007 ciscoerror.png
-rwxr-xr-x 1
root sys 5014 Jan 11 2007 ciscoreboot.png
-rwxr-xr-x 1
root sys 5055 Jan 11 2007 ciscostart.png
-rwxr-xr-x 1
root sys 13052 Nov 13 2008 cmp
-rwxr-xr-x 1
root sys
88092 May 11 13:10 cnush
-rwxr-xr-x 1
root sys 26248 Nov 13 2008 cp
-rwxr-xr-x 1
root sys 39724 Nov 13 2008 cvw
-rwxr-xr-x 1
root sys 20540 Mar 28 19:55 date
-rwxr-xr-x 1
root sys 141936 May 11 13:10 debugsh
-rwxr-xr-x 1
root sys 24936 Nov 13 2008 df
-rwxr-xr-x 1
root sys 23160 Nov 13 2008 du
-rwxr-xr-x 1
root sys 5564 Nov 13 2008 echo
-rwxr-xr-x 1
root sys
8636 Nov 13 2008 ethmibs
-rwxr-xr-x 1
root sys 8300 Nov 13 2008 ethstats
-rwxr-xr-x 1
root sys 87860 May 11 13:09 ewCmd
-rwxr-xr-x 1
root sys 26 May 31 2005 groups
-rwx--x--x 1
root sys 6836 Nov 13 2008 halt
-rwxr-xr-x 1
root sys 10636 Nov 13 2008 head
-rwxr-xr-x 1
root sys 28404 Nov 13 2008 hexdump
-rwxr-xr-x 1
root sys 15504 Nov 13 2008 id
-rwxr-xr-x 1
root sys 19572 Mar 28 19:57 imgui
-rwxr-xr-x 1
root sys 15400 Mar 28 19:56 ipcstat
-rwxr-xr-x 1
root sys 15136 May 11 13:08 ipv6
-rwxr-xr-x 1
root sys 10136 Nov 13 2008 kill
-rwxr-xr-x 1
root sys 9248 Nov 13 2008 kldstat
-rwxr-xr-x 1
root sys 10644 Nov 13 2008 ln
-rws--s--x 1
root sys 15604 Mar 28 19:56 login
-rwxr-xr-x 1
root sys 43356 Nov 13 2008 ls
-rwxr-xr-x 1
root sys 18604 Nov 13 2008 mfg
-rwxr-xr-x 1
root sys
10068 Mar 28 19:56 mib2
-rwxr-xr-x 1
root sys 14656 Nov 13 2008 mkdir
-rwxr-xr-x 1
root sys 12732 Nov 13 2008 mkfifo
-rwxr-xr-x 1
root sys 21052 Nov 13 2008 more
-rwxr-xr-x 1
root sys 23232 Nov 13 2008 mount
-rwxr-xr-x 1
root sys 20876 Nov 13 2008 mv
-rwxr-xr-x 1
root sys 9536 Nov 13 2008 nice
-rwxr-xr-x 1
root sys 124 Mar 03 2010 nologin
-rwxr-xr-x 1
root sys 41268 Mar 28 19:57 ntp
-rwxr-xr-x 1
root sys 79712 Mar 28 19:56 ping
-rwxr-xr-x 1
root sys 133872 Mar 28 19:57 ping6
-rwxr-xr-x 1
root sys 29532 Mar 28 19:56 ps
-rwx--x--x 1 root sys 6836 Nov 13 2008 reboot
-rwxr-xr-x 1
root sys 27332 Nov 13 2008 rm
-rwxr-xr-x 1
root sys 8084 Nov 13 2008 rmdir
-rwsr-s--x 1
security sec 847916 May 11 13:03 secd
-rwxr-xr-x 1
root sys 36072 Nov 13 2008 settmask
-rwxr-xr-x 1
root sys 172556 Mar 28 19:58 sh
-rwxr-xr-x 1
root sys 6768 Nov 13 2008 sleep
-rwxr-xr-x 1
root sys 10136 Nov 13 2008 slog
-rwxr-xr-x 1
root sys 19424 Mar 28 19:57 sostat
-rwsr-x--x 1
security sec 184748 Mar 28 19:54 sshd
-rwxr-xr-x 1
root sys 24472 Nov 13 2008 stty
-rwxr-xr-x 1
root sys 4676 Nov 13 2008 sync
-rwxr-xr-x 1
root sys 18440 Nov 13 2008 tail
-rwxr-xr-x 1
root sys 156076 Nov 13 2008 tar
-rwxr-xr-x 1
root sys 33304 Mar 28 19:57 tftp
-rwxr-xr-x 1
root sys 80068 May 11 13:09 tftpClient
-rwsr-sr-- 1
syslog sys 159160 Nov 13 2008 tnpdisp
-rwxr-xr-x 1 root sys
17904 Nov 13 2008 touch
-rwxr-xr-x 1
root sys 17704 Nov 13 2008 umount
-rwxr-xr-x 1
root sys 9680 Nov 13 2008 uname
-rwxr-xr-x 1
root sys 28108 Mar 28 19:57 vm
-rwxr-xr-x 1
root sys 10496 Nov 13 2008 which
-rwxr-xr-x 1
root sys 17 May 31 2005 whoami
$
We can TFTP some files if we wanted to.
$ tftp
TFTP: usage -
tftp -s address srcFile dstFile
tftpAddr =
address of tftp server - ex: 10.1.1.1
srcFile = file to be retrieved -
ex: sepxxx.cnf.xml
dstFile = filename in CNU file
system - ex: /bin/sepxxx.cnf.xml
$
Let's check the processes taking up the CPU.
$ ps
format --> ps [-acCehjklmrSTuvwx] [-L] [-M core] [-O
fmt] [-o fmt] [-p pid] [-U username]
$
$ ps -a
pid %cpu state tty command
9 0.0
run 0 /bin/sh
2 0.0
run 0 /sbin/syslogd
0 85.3 run
0 sysIdle
11 0.0
run 0 /sbin/inetd
13 0.0
run 0 /sbin/rtsold
25 0.0
run 0 /ubin/dsp
19 0.0
run 0 /bin/login
22 0.0
run 0 /bin/secd
21 0.0
run 0 /bin/tftpClient
24 0.0
run 0 /ubin/vieo
6 0.1
run 0 /sbin/strace
15 0.0
run 0 /sbin/dhcp6
14 0.0
run 0 /sbin/cdp
16 0.0
run 0 /sbin/pae
17 0.0
run 0 /sbin/imgauthd
20 0.0
run 0 /sbin/dhcp
23 0.0
run 0 /bin/ntp
29 0.0
run 0 /sbin/dns
1 0.0
run 0 /sbin/init
3 11.2 run
0 /tmp/sunvm.unzip/sunvm.cnu
26 0.0
run 0 /sbin/ewcl
5 0.0
run 0 /sbin/espd
31 20.0 run
0 /bin/ps
18 2.5
run 0 /bin/sshd
$
So, that is just an intro to how you can SSH into a phone and some basic ways to navigate around. Brush up on your Linux commands and try them. On newer models of phones (8900 and 9900 series), there are some commands that Cisco put in, such as viewing the call histories and watching the key presses on the phone. More to come on my next post!