https://community.cisco.com/t5/network-security/ssh-telnet-from-pix-outside-interface/m-p/417354#M529748 <HTML><HEAD></HEAD><BODY><P>If you want to access your PIX from the outside use SSH, to configure SSH access on the PIX do (in config mode): </P><P></P><P>ca generate rsa key 1024 </P><P>ca save all </P><P></P><P>To view your SSH key issue: show ca mypubkey rsa </P><P></P><P>In your PIX config you&#146;ll need to allow the appropriate IP addresses that are allowed to connect to the PIX via SSH, you can do two things here, either allow any source IP address or you can tie it down to a specific IP address i.e. </P><P></P><P>(in config mode) </P><P></P><P>ssh 0 0 outside </P><P></P><P>The above will allow anyone to SSH onto your PIX (as long they know your PIX public IP address); make sure that your passwords are STRONG. </P><P></P><P>You can also tie it down so that only specific public IP addresses are allowed to SSH onto your PIX i.e. </P><P></P><P>ssh <PUBLIC_IP> 255.255.255.255 outside </PUBLIC_IP></P><P></P><P>You can download free SSH client &#150; i.e. putty.exe &#150; just do a search on Google for it! </P><P></P><P>Remember the SSH login is - pix - and then use your PIX password's to log onto your device.</P><P></P><P>Hope this helps.</P><P></P><P>Jay</P></BODY></HTML> Thu, 08 Dec 2005 17:20:35 GMT jmia 2005-12-08T17:20:35Z https://community.cisco.com/t5/network-security/ssh-telnet-from-pix-outside-interface/m-p/417353#M529747 <P>without the use of VPN, a way to form telnet/ssh connection into Pix from outside network with a ssh client. </P> Fri, 21 Feb 2020 08:34:57 GMT https://community.cisco.com/t5/network-security/ssh-telnet-from-pix-outside-interface/m-p/417353#M529747 r.saklani 2020-02-21T08:34:57Z https://community.cisco.com/t5/network-security/ssh-telnet-from-pix-outside-interface/m-p/417354#M529748 <HTML><HEAD></HEAD><BODY><P>If you want to access your PIX from the outside use SSH, to configure SSH access on the PIX do (in config mode): </P><P></P><P>ca generate rsa key 1024 </P><P>ca save all </P><P></P><P>To view your SSH key issue: show ca mypubkey rsa </P><P></P><P>In your PIX config you&#146;ll need to allow the appropriate IP addresses that are allowed to connect to the PIX via SSH, you can do two things here, either allow any source IP address or you can tie it down to a specific IP address i.e. </P><P></P><P>(in config mode) </P><P></P><P>ssh 0 0 outside </P><P></P><P>The above will allow anyone to SSH onto your PIX (as long they know your PIX public IP address); make sure that your passwords are STRONG. </P><P></P><P>You can also tie it down so that only specific public IP addresses are allowed to SSH onto your PIX i.e. </P><P></P><P>ssh <PUBLIC_IP> 255.255.255.255 outside </PUBLIC_IP></P><P></P><P>You can download free SSH client &#150; i.e. putty.exe &#150; just do a search on Google for it! </P><P></P><P>Remember the SSH login is - pix - and then use your PIX password's to log onto your device.</P><P></P><P>Hope this helps.</P><P></P><P>Jay</P></BODY></HTML> Thu, 08 Dec 2005 17:20:35 GMT https://community.cisco.com/t5/network-security/ssh-telnet-from-pix-outside-interface/m-p/417354#M529748 jmia 2005-12-08T17:20:35Z https://community.cisco.com/t5/network-security/ssh-telnet-from-pix-outside-interface/m-p/417355#M529749 <HTML><HEAD></HEAD><BODY><P>just a quick comment.</P><P></P><P>before the rsa key can be generated, a hostname and a domain need to be configured.</P><P></P><P>e.g.</P><P>hostname pix</P><P>domain-name yourcompany.com</P><P>ca generate rsa key 1024</P><P>ca save all</P></BODY></HTML> Thu, 08 Dec 2005 22:38:51 GMT https://community.cisco.com/t5/network-security/ssh-telnet-from-pix-outside-interface/m-p/417355#M529749 jackko 2005-12-08T22:38:51Z