
Saturday, December 30, 2017

Enabling SSH on Cisco ASA for Local Users

A basic but useful note, so I made a post for my future reference. The following commands are entered in global configuration mode.

Steps:

1. Generate Crypto keys
This generates the key pair used for encryption and decryption of data.
ciscoasa(config)# crypto key generate rsa

2. Create Local User Accounts
These will be used as login credentials.
ciscoasa(config)# username roshan password cisco123 privilege 15

3. Allow SSH on interfaces per source subnets
This command defines the incoming interface of the SSH session and the source IP range.
OUTSIDE is the interface name on my ASA.
ciscoasa(config)# ssh 10.1.1.0 255.255.255.0 OUTSIDE

4. Tell the ASA to use the LOCAL database for usernames and passwords
ciscoasa(config)# aaa authentication ssh console LOCAL
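
An added example (not part of the original post) that audits configuration text for steps 2 to 4 and answers which source addresses the `ssh` rules admit on an interface. The sample config is constructed from the post's commands; the function names and the extra `ssh 0.0.0.0 0.0.0.0 OUTSIDE` line are assumptions added for contrast.

```python
import ipaddress
import re

# Constructed sample: the post's commands plus one over-broad rule for contrast.
SAMPLE_CONFIG = """\
username roshan password cisco123 privilege 15
ssh 10.1.1.0 255.255.255.0 OUTSIDE
ssh 0.0.0.0 0.0.0.0 OUTSIDE
aaa authentication ssh console LOCAL
"""

SSH_RULE = re.compile(r"^ssh (\d+\.\d+\.\d+\.\d+) (\d+\.\d+\.\d+\.\d+) (\S+)$")
USER = re.compile(r"^username (\S+) password \S+.* privilege (\d+)$")


def parse(config):
    """Return (ssh_rules, users, local_auth) from ASA-style config text."""
    rules, users, local_auth = [], {}, False
    for line in (l.strip() for l in config.splitlines()):
        if m := SSH_RULE.match(line):
            # Address plus dotted netmask, e.g. 10.1.1.0/255.255.255.0
            net = ipaddress.ip_network(f"{m[1]}/{m[2]}", strict=False)
            rules.append((net, m[3]))
        elif m := USER.match(line):
            users[m[1]] = int(m[2])
        elif line == "aaa authentication ssh console LOCAL":
            local_auth = True
    return rules, users, local_auth


def ssh_allowed(rules, source_ip, interface):
    """True if source_ip matches an ssh rule for the given interface."""
    ip = ipaddress.ip_address(source_ip)
    return any(ip in net and ifc == interface for net, ifc in rules)


def findings(config):
    """List gaps relative to steps 2 to 4, plus any-source ssh rules."""
    rules, users, local_auth = parse(config)
    out = []
    if not rules:
        out.append("no ssh source/interface rule")
    out += [f"ssh open to any source on {ifc}" for net, ifc in rules if net.prefixlen == 0]
    if not users:
        out.append("no local user defined")
    if not local_auth:
        out.append("ssh not bound to LOCAL database")
    return out
```

Run `findings()` on saved configuration text to confirm the source ranges stay as narrow as the 10.1.1.0/24 rule above.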

Because the keys are generated by the ASA itself, your terminal client will show this error when you try to connect to it. Hit yes and you are in.
