The Speed Test
 

How to enable SSH login access to a Cisco router

This guide walks you through how to setup SSH on a Cisco Router.
SSH is by far more secure then telnet. Telnet allows your passwords
to be sent in plain text that anyone can see and gain access to your
network. SSH is all encrypted traffic.

NOTE: This should work with any Cisco router provided the Cisco IOS
on the router supports ssh.

Firstly is ssh enabled?

router#sh ip ssh
SSH Disabled - version 2.0
%Please create RSA keys to enable SSH.
Authentication timeout: 60 secs; Authentication retries: 5

In this case its not, if you got a error saying that sh ip ssh is not
recognized then you would know that ssh is not supported or possibly
that the command is different for your platform.

How to enable SSH on a Cisco 800 series

router# config term
router(config)#crypto key generate rsa usage-keys label router-key
The name for the keys will be: router-key
Choose the size of the key modulus in the range of 360 to 2048 for your
Signature Keys. Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024
Choose the size of the key modulus in the range of 360 to 2048 for your
Encryption Keys. Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

router (config)#
000047: *Mar 1 20:40:50.843 UTC: %SSH-5-ENABLED: SSH 1.99 has been enabled
router (config)#exit

According to the line above SSH has been enabled, we can confirm this
by running the sh ip ssh command again.

 

 

router#sh ip ssh
SSH Enabled - version 1.99
Authentication timeout: 120 secs; Authentication retries: 3
router#

Now setting the router up to accept ssh logins

Usually it will anyway because by default the transport is set to all

transport preferred all
transport input all

But we want to change that

Router#conf t
!
line vty 0 4
access-class 1 in
exec-timeout 30 0
privilege level 15
login local
transport preferred ssh
transport input ssh
!
Write your config and test it.



home
Speed Test
Setting up Rancid on Freebsd 7.0
Setting up TACACS on Freebsd 7.0
Rate limiting host on a Cisco Router
Why is my internet slow?
How to enable SSH login access to a Cisco router?
Enhanced Interior Gateway Routing Protocol (EIGRP)
jlrichesin@gmail.com
Copyright ©2010 thespeedtest.com