SSH on routers

Answered Question
May 2nd, 2007
User Badges:

Hello,


I am new to routing switching. Can some one guide me how to configure SSH on routers?


Regards

Correct Answer by Joe Clarke about 9 years 12 months ago

First you need a crypto image. Check to see that you have a k9 feature set (e.g. ipservicesk9). Then, make sure you have a hostname and domain name configured:


hostname core-router

ip domain-name company.com


Then you need to generate you RSA certificate:


crypto key generate rsa


When it prompts you for a modulus, choose one that is at least 1024 for best compatibility.


Next, configure a local username. If you are already using AAA you can skip this step:


aaa new-model

aaa authentication login default local

username sshuser password sshuser!@#


Finally, checkout the optional "ip ssh" commands to see if any of them are needed for your setup. However, at this point, you should be able to ssh to your router as sshuser (or whatever AAA users you have available).


See http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7d5.html#wp1007881 for the complete list of instructions.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
Correct Answer
Joe Clarke Wed, 05/02/2007 - 08:41
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

First you need a crypto image. Check to see that you have a k9 feature set (e.g. ipservicesk9). Then, make sure you have a hostname and domain name configured:


hostname core-router

ip domain-name company.com


Then you need to generate you RSA certificate:


crypto key generate rsa


When it prompts you for a modulus, choose one that is at least 1024 for best compatibility.


Next, configure a local username. If you are already using AAA you can skip this step:


aaa new-model

aaa authentication login default local

username sshuser password sshuser!@#


Finally, checkout the optional "ip ssh" commands to see if any of them are needed for your setup. However, at this point, you should be able to ssh to your router as sshuser (or whatever AAA users you have available).


See http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7d5.html#wp1007881 for the complete list of instructions.

thaman303 Wed, 05/02/2007 - 09:57
User Badges:

Thanks Joe, That would be very helpful in getting started.


Regards

Actions

This Discussion