Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

SSH PIX / ASA

Hi Guys,

How do you enable ssh on pix and asa. I input the following command but it did not worked. Someone told me before that you have to input couple of commands to enable ssh. Could someone please help me out.

ssh 10.150.X.X 255.255.255.255 inside

Tks

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: SSH PIX / ASA

Hello Kuldeep,

First of all the ASA/PIX needs to have a domain already defined:

Something like:

domain-name yourdomain.com

Then you have to generate RSA keys for SSH to work:

crypto key generate rsa general-keys modulus 1024

(The bit lenght could be 512, 768,1024 or 2048)

If the ASA says that there is an existing key already and if you want to delete it...say yes.

Then do a wr mem and try to SSH the device.

Of course the comands you entered first are necessary too after this.

Hope it helps..

DL.

3 REPLIES
New Member

Re: SSH PIX / ASA

Hello Kuldeep,

First of all the ASA/PIX needs to have a domain already defined:

Something like:

domain-name yourdomain.com

Then you have to generate RSA keys for SSH to work:

crypto key generate rsa general-keys modulus 1024

(The bit lenght could be 512, 768,1024 or 2048)

If the ASA says that there is an existing key already and if you want to delete it...say yes.

Then do a wr mem and try to SSH the device.

Of course the comands you entered first are necessary too after this.

Hope it helps..

DL.

Re: SSH PIX / ASA

Kuldeep,    Dennis have nailed your request on how to ..   just one simple/small  observation ,    running code 7.x or above does  not need domain name configuration to generate rsa keys as required in earliest versions of PIX .

some good detailed  instructions

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008069bf1b.shtml

B.Rgds

New Member

Re: SSH PIX / ASA

One thing to note, earlier versions of PIX required a different command to generate the key:

ca zeroize rsa
ca generate rsa key 1024

Although based on ASA being in the subject line, I would assume that you ARE running the 7x or above.

662
Views
0
Helpful
3
Replies
CreatePlease to create content