cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3128
Views
0
Helpful
2
Replies

Setting up SSH on a 3845 router?

matthew.sarro
Level 1
Level 1

Greetings everyone!

Just curious, how does one set up SSH on a cisco 3845 router? Specifically, how does one generate the RSA keys?

It seems to be missing the "generate" subcommand for crypto. When I type crypto key the only sub-commands are lock and unlock. I'm unfamiliar with this and don't want to mess around too much since it's a production box.

I'm running c3845-spservicesk9-mz.124-11.T2.bin so I should have the ability, yes? Any guidance would be appreciated. I really would prefer not to use telnet.

1 Accepted Solution

Accepted Solutions

JORGE RODRIGUEZ
Level 10
Level 10

you have k9 image , it should support crypto commands, are you sure you were at the configuration mode?

try again.., here is a link for setting up ssh in IOS.

http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml

way to do it is open two telnet sessions to the router, in one session be in the enable mode and leave the session opened. On the other telnet session work with the SSH configuration implementation. When finished do not save the config , exit the session and open a new session using ssh to ensure you can connect and login to the router via ssh... if for any reason fails you still have the other telnet session opened to undo the ssh changes or correct them.

also for making sure your telnet sessions do not time out while working with configs permit yourself more time by entering exec-time out 60 <-- one hour for your vty lines.

line vty 0 4

exec-timeout 60

you can also do the complete ssh implementation via console port as well.

Regards

PLS rate any helpful posts if it helps

Jorge Rodriguez

View solution in original post

2 Replies 2

JORGE RODRIGUEZ
Level 10
Level 10

you have k9 image , it should support crypto commands, are you sure you were at the configuration mode?

try again.., here is a link for setting up ssh in IOS.

http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml

way to do it is open two telnet sessions to the router, in one session be in the enable mode and leave the session opened. On the other telnet session work with the SSH configuration implementation. When finished do not save the config , exit the session and open a new session using ssh to ensure you can connect and login to the router via ssh... if for any reason fails you still have the other telnet session opened to undo the ssh changes or correct them.

also for making sure your telnet sessions do not time out while working with configs permit yourself more time by entering exec-time out 60 <-- one hour for your vty lines.

line vty 0 4

exec-timeout 60

you can also do the complete ssh implementation via console port as well.

Regards

PLS rate any helpful posts if it helps

Jorge Rodriguez

Yep, I was being dumb and was trying to do it at enable mode. Good call - no more late nights without coffee for me!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: