03-26-2009 07:29 AM - edited 03-11-2019 08:10 AM
I want to set up SSH to my ASA externally so I can manage it remotely,can some one please tell me the most secure way to do it
Many Thanks
03-26-2009 07:36 AM
PIX(config)#hostname PIXOne
PIXOne(config)#domain-name mydomain.com
PIXOne(config)#ca generate rsa key 1024
PIXOne(config)#ssh time-out 60
PIXOne(config)#ssh 75.50.95.72 255.255.255.255 outside
PIXOne(config)#passwd your_secret_password
PIXOne(config)#exit
PIXOne#wr mem
The ssh 75.50.95.72 255.255.255.255 outside line should be changed to be the address you want to manage the ASA from. Limit this to as few addresses as possible.
Hope that helps.
03-26-2009 07:48 AM
Thanks for your swift reply, is that method just using a password and no other means of authentication
03-26-2009 07:50 AM
Yes. You can configure other methods though (local, radius, tacacs, etc).
03-26-2009 07:53 AM
Step 1.
domain-name name
Step 2.
crypto key generate rsa
HTH
Vikram
Step 3.
Enable SSH on an interface.
ssh x.x.x.x netmask outside
default username & password are pix/cisco
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide