Complete these steps to configure Secure Shell (SSH) to the PIX Firewall:
Before a connection to the PIX is made through SSH, these prerequisites must be met:
The PIX must run version 5.2 or later.
The PIX must have a VPN Data Encryption Standard (DES) license, as indicated in the output of the show version command.
Note: Refer to Product License Registration in order to request a DES license.
Once all requirements are met, issue these commands on the PIX:
hostname domain-name
!--- Generate a key for the SSH encryption to use.
ca generate rsa key 1024
!--- Allow the desired host to connect to the PIX on the interface specified.
ssh ip_address mask interface
!--- Save your configuration.
ca save all
write memory
This is an example:
hostname mypix
domain-name cisco.com
ca generate rsa key 1024
ssh 10.0.0.0 255.255.255.0 inside
ca save all
write memory
Refer to the SSH - Inside or Outside section of How To Perform Authentication and Enabling on the Cisco Secure PIX Firewall (5.2 Through 6.2) for more information.