ASA-5510 Enabling SSH

douglas.mckee · ‎04-08-2016

Good morning,

I'm trying to enable SSH on our ASA-5510 running the k8 file listed below. Using Cisco's configuration guide listed below I'm unable to create the crypto key because the "crypto key generate rsa modulus" command isn't showing up under config t. Does aaa local authentication need to be enabled first before this command will show up? Doesn't appear to be so since this is the 3rd step.

hostname(config)# crypto key generate rsa modulus 1024

hostname(config)# write memory

hostname(config)# aaa authentication ssh console LOCAL

WARNING: local database is empty! Use 'username' command to define local users.

hostname(config)# username exampleuser1 password examplepassword1

hostname(config)# ssh 192.168.1.2 255.255.255.255 inside

hostname(config)# ssh timeout 30

The following example shows how to allow all users on the 192.168.3.0 network to access the ASA on the inside interface:

hostname(config)# ssh 192.168.3.0 255.255.255.0 inside

douglas.mckee · ‎04-08-2016

asa847-k8.bin

Aditya Ganjoo · ‎04-08-2016

Hi,

You need to enable the Cisco ASA 3DES/AES License for this to work.

Just do a show version and it would be showing disabled.

You can obtain it using the following link:

https://supportforums.cisco.com/document/67701/asa-versions-image-names-and-licensing#How_to_obtain_strong-crypto_licenses_for_ASA

Regards,

Aditya

Please rate helpful posts and mark correct answers.