how to ssh on routers?

Answered Question
Apr 21st, 2008

How do I verify if a Cisco IOS version has IPSec(DES or 3DES) encryption software?

I want to enable ssh but each time I get the following error message

ban-top-dess(config)#crypto key generate rsa

The "^" is displayed below the "r" on crypto

% Invalid input detected at '^' marker.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
banso_boy Mon, 04/21/2008 - 03:42

HTH

you mean if I don`t see "This product contains cryptographic features..." in the "show version" command then I cannot run ssh?

banso_boy Mon, 04/21/2008 - 03:58

by the way any idea on how I can enable ssh on the router? software upgrade? If yes how can I go about it? The router is cisco 2811.

Hope u can still offer some ideas here.

If you have the correct image - the configuration is very easy:-

!

ip domain-name blah.blah (this is required for the ssh key cert)

!

crypto key generate rsa general-keys modulus 1024 (module 1024 is optional, default key size is 512)

!

line vy 0 4 or 0 15

login

transport input ssh

!

You will need to upgrade the IOS image - for this you do need a valid CCO account that allows the download of IOS images.

I think there is a IOS image for the 2811 that has crypto - it's either IP Plus or Advanced security or something like, I am not sure 100% on that.

HTH.

banso_boy Mon, 04/21/2008 - 05:12

HTH,

yep, there is Advanced Security and Advanced IP services.

glen.grant Mon, 04/21/2008 - 06:05

Most crypto images will have a "K9" somewhere in the imagename.

Actions

This Discussion