04-08-2016 08:52 AM - edited 03-12-2019 12:35 AM
Good morning,
I'm trying to enable SSH on our ASA-5510 running the k8 file listed below. Using Cisco's configuration guide listed below I'm unable to create the crypto key because the "crypto key generate rsa modulus" command isn't showing up under config t. Does aaa local authentication need to be enabled first before this command will show up? Doesn't appear to be so since this is the 3rd step.
hostname(config)# crypto key generate rsa modulus 1024
hostname(config)# write memory
hostname(config)# aaa authentication ssh console LOCAL
WARNING: local database is empty! Use 'username' command to define local users.
hostname(config)# username exampleuser1 password examplepassword1
hostname(config)# ssh 192.168.1.2 255.255.255.255 inside
hostname(config)# ssh timeout 30
The following example shows how to allow all users on the 192.168.3.0 network to access the ASA on the inside interface:
hostname(config)# ssh 192.168.3.0 255.255.255.0 inside
04-08-2016 08:54 AM
asa847-k8.bin
04-08-2016 10:14 AM
Hi,
You need to enable the Cisco ASA 3DES/AES License for this to work.
Just do a show version and it would be showing disabled.
You can obtain it using the following link:
https://supportforums.cisco.com/document/67701/asa-versions-image-names-and-licensing#How_to_obtain_strong-crypto_licenses_for_ASA
Regards,
Aditya
Please rate helpful posts and mark correct answers.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide