
Enabling SSH on Cisco IOS
March 12, 2009

Posted by daakeung in Cisco.

As many of you know, Telnet is not secure for configuring remote devices. Any intruder who can see the traffic can read the information in plain text.

The secure alternative is SSH.

SSH encrypts your commands as well as the usernames and passwords.

To configure SSH on Cisco IOS, first define a hostname and domain name:

Router(config)#hostname test
test(config)#ip domain name akeung.com

Define a local account

test(config)#username darryl password test

Enable the AAA new model

test(config)#aaa new-model

Generate the RSA key pair

test(config)#crypto key generate rsa
The name for the keys will be: test.akeung.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

Set SSH to version 2

test(config)#ip ssh version 2

Set SSH authentication retries

test(config)#ip ssh authentication-retries 3

And finally, change the input transport on the vty lines from Telnet to SSH

test(config)#line vty 0 4
test(config-line)#transport input ssh
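
A check for the finished configuration, added here as an example and not part of the original post: the Python function below audits saved `show running-config` text for the settings this procedure applies and, going one step beyond the post, flags local accounts stored with `password` instead of the hashed `secret`. The sample config and the names `audit_ios_ssh` and `REQUIRED` are constructed for the example; treating an unset `transport input` as a finding is an assumption, since the default differs between IOS releases.

```python
import re

# Constructed sample running-config, not taken from the original post.
SAMPLE_CONFIG = """\
hostname test
aaa new-model
ip domain name akeung.com
ip ssh version 2
ip ssh authentication-retries 3
username darryl password 0 test
line vty 0 4
 transport input ssh
line vty 5 15
 transport input telnet ssh
"""

# Global commands the procedure sets; both domain-name spellings are accepted.
REQUIRED = {
    "hostname": r"hostname \S+",
    "ip domain name": r"ip domain[ -]name \S+",
    "aaa new-model": r"aaa new-model",
    "ip ssh version 2": r"ip ssh version 2",
    "ip ssh authentication-retries": r"ip ssh authentication-retries \d+",
}

def audit_ios_ssh(config):
    """Return findings for the SSH settings covered in this post."""
    findings = []
    top = [l.rstrip() for l in config.splitlines() if l and not l[0].isspace()]
    for label, pattern in REQUIRED.items():
        if not any(re.fullmatch(pattern, l) for l in top):
            findings.append(f"missing: {label}")
    # Local accounts stored with 'password' rather than the hashed 'secret'.
    for l in top:
        m = re.match(r"username (\S+) (?:.* )?password ", l)
        if m:
            findings.append(f"user {m.group(1)}: 'password' used, not 'secret'")
    # Each vty range must list ssh as its only input transport (assumption:
    # an unset transport is reported too, as the default varies by release).
    for m in re.finditer(r"^(line vty .+)\n((?:[ \t]+.*\n?)*)", config, re.M):
        t = re.search(r"^[ \t]+transport input (.+)$", m.group(2), re.M)
        transports = t.group(1).split() if t else []
        if transports != ["ssh"]:
            shown = " ".join(transports) or "not set"
            findings.append(f"{m.group(1)}: transport input is {shown}")
    return findings

if __name__ == "__main__":
    for finding in audit_ios_ssh(SAMPLE_CONFIG):
        print(finding)
```

On the sample, the second vty range is reported because it still accepts Telnet, which is easy to miss on devices that have more than the five lines configured above.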

