Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
12507
Views
0
Helpful
4
Replies

Configure SSH access for 1841

Christopher Bell
Level 4
Level 4

‎11-16-2010 08:43 AM - edited ‎03-06-2019 02:04 PM

Configuring SSH access is a pretty basic thing, so I'm guessing there is probably a problem with the software I'm running.  Router is a Cisco 1841.

Show version:

NKYLEXRTR02#show ver
Cisco IOS Software, 1841 Software (C1841-ADVSECURITYK9-M), Version 12.4(25c), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 11-Feb-10 22:49 by prod_rel_team

ROM: System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)

NKYLEXRTR02 uptime is 40 minutes
System returned to ROM by power-on
System image file is "flash:c1841-advsecurityk9-mz.124-25c.bin"

Cisco 1841 (revision 4.1) with 115712K/15360K bytes of memory.

2 FastEthernet interfaces
1 Serial interface
1 terminal line
2 Channelized T1/PRI ports
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
62592K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

Has a domain, hostname, and IP addresses configured.  Crypto keys have been generated.

show ip ssh:

NKYLEXRTR02#show ip ssh
SSH Disabled - version 2.0
%Please create RSA keys (of atleast 768 bits size) to enable SSH v2.
Authentication timeout: 60 secs; Authentication retries: 2

Am I not running the right IOS for ssh access?

If this posts answers your question or is helpful, please consider rating it and/or marking as answered.
Labels:
0 Helpful
4 Replies 4

James Hardman
Level 1
Level 1

‎11-16-2010 09:11 AM

You need to generate your SSH key

Router(config)# crypto key generate rsa

http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfssh.html#wp1000876

0 Helpful

Christopher Bell
Level 4
Level 4
In response to James Hardman

‎11-16-2010 09:13 AM

As I mentioned in my first post, I have already done that.

If this posts answers your question or is helpful, please consider rating it and/or marking as answered.
0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Christopher Bell

‎11-16-2010 11:18 AM

Christopher

I can answer your immediate question. The Advanced Security feature set on the 1841 should run SSH just fine. We have lots of 1841s with that feature set and they have no problems with SSH.

I know that you say that you have generated the key. But the error message in your post is pretty clear that the router does not believe that it has a valid crypto key. to check this out you might try using the command

show crypto key mypubkey rsa

Is it possible that the name of the router has been changed since the key was generated? I know from experience that this is something that will make a generated key become invalid.

Given the error message, I would suggest that you generate crypto keys (again) and see if that helps.

HTH

Rick

HTH

Rick
0 Helpful

Christopher Bell
Level 4
Level 4
In response to Richard Burts

‎11-16-2010 11:27 AM

I ended up figuring this out, sorry - should have posted back.  When I checked, the key was there and the modulus was fine.  I ended up zero'ing them out and re-generating them and it still did not work.  I zeroed them out one more time, and generated a usage-key... this fixed it.

generate rsa usage-keys label SSH modulus 1024

If this posts answers your question or is helpful, please consider rating it and/or marking as answered.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card