03-22-2005 11:37 AM - edited 03-02-2019 10:14 PM
I'd like to start using SSH as opposed to telnet for router management. Can someone outline the steps I need to take in order to enable SSH?
Thanks
03-22-2005 12:07 PM
The steps would be:
- verify that the image that you are running on your router(s) supports SSH. If they do not, upgrade the image on your router(s). (I believe that SSH is supported only on versions and feature sets that support DES/3DES)
- generate RSA keys. (to do this requires that the host name be set and that the domain name be set).
- verify that the vty port configuration includes transport ssh (it should by default, but some places put restrictive configs for transport on the vty).
- enable SSH on the router.
- use SSH to access the router.
HTH
Rick
03-22-2005 02:58 PM
Here is some documentation on the same steps suggested by Rick.
http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml
03-23-2005 02:39 PM
Step 1) Make sure you have a 3DES/SSH capable IOS.
Step 2) Configure hostname and domain name.
Step 3) config(enable): crypto key gen rsa (use the defaults)
Step 4) line vty 0 4 --> Transport input ssh (to allow ssh only, add telnet in the back as fallback).
All done.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide