
Thursday, December 15, 2016

Enabling SSH on Cisco Routers / Switches for Local Users

A basic yet useful note, so I made a post for my future reference. The following commands are entered in global configuration mode.

Steps:-

1. Configure Domain name
Without a domain name, the router will not be able to generate an RSA key.
R(config)#ip domain name roshanznet.local

2. Generate Crypto keys
This generates the key pair used for encryption and decryption of the session data. The command prompts for the key size; keys of 1024 bits will be enough and processor friendly.
R(config)#crypto key generate rsa

3. Enable SSH v2
This enables SSH version 2, the more advanced and widely used version of the protocol.
R(config)#ip ssh version 2

4. Create Local User Accounts
These will be used as the login credentials.
R(config)#username roshan privilege 15 password cisco

5. Allow SSH on vty
These commands set SSH as the input transport on the vty lines and use the local user database for login.
R(config)#line vty 0 4
R(config-line)#transport input ssh
R(config-line)#login local


Because the keys are generated by the router itself, your terminal client will show an error about the key when you try to connect. Hit yes and you are in.

Note:- 

The default device name "Router" has to be changed before RSA keys can be generated.
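
One way to check a saved running-config against the steps above, as an added example that is not part of the original post: the sample configs are constructed and the function names are hypothetical. The RSA key pair from step 2 is not checked because it does not appear in the running-config.

```python
import re

# Constructed sample running-config excerpts (not captured from a real device).
GOOD = """\
hostname R1
ip domain name roshanznet.local
ip ssh version 2
username roshan privilege 15 password cisco
line vty 0 4
 transport input ssh
 login local
"""
BAD = """\
hostname Router
username roshan privilege 15 password cisco
line vty 0 4
 transport input telnet ssh
 login
"""

def vty_blocks(config):
    """Map each 'line vty ...' header to its indented sub-commands."""
    blocks = {}
    for m in re.finditer(r"^(line vty [^\n]*)\n?((?: [^\n]*\n?)*)", config, re.M):
        blocks[m.group(1).strip()] = [l.strip() for l in m.group(2).splitlines()]
    return blocks

def audit(config):
    """Return a list of findings; an empty list means every checked step is present."""
    findings = []
    host = re.search(r"^hostname (\S+)", config, re.M)
    if not host or host.group(1) == "Router":
        findings.append("hostname is still the default 'Router'")
    # Accept both 'ip domain name' and the older 'ip domain-name' spelling.
    if not re.search(r"^ip domain[- ]name \S+", config, re.M):
        findings.append("no domain name configured")
    if not re.search(r"^ip ssh version 2\b", config, re.M):
        findings.append("SSH version 2 not enabled")
    if not re.search(r"^username \S+ ", config, re.M):
        findings.append("no local user account")
    for header, body in vty_blocks(config).items():
        if "transport input ssh" not in body:
            findings.append(f"{header}: transport input is not ssh-only")
        if "login local" not in body:
            findings.append(f"{header}: does not use the local user database")
    return findings
```

Calling `audit()` on the text of a saved configuration returns one finding per missing step, so an empty list means the hostname, domain name, SSH version, local user and vty settings are all in place.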
