cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Configure ASA 5525 to allow SSH access

3749
Views
5
Helpful
0
Comments

Introduction:

This document explains about the issues faced in accessing ASA through SSH.

Problem:

After making the following configuration on ASA still SSH access does not work fine:ssh 10.60.0.0 255.255.0.0 outside

ssh 10.60.0.0 255.255.0.0 dmz

ssh 10.60.0.0 255.255.0.0 inside

ssh timeout 5

How can we solve this SSH access issue?

Solution:

Perform the following configuration to have successful SSH access to the ASA:

1) You need a public/private keypair configured:

asa(config)# crypto key generate rsa general-keys modulus 2048

2) Must have a username:

asa(config)# username testuser password testpass

and the system should know where your useraccounts are:

asa(config)# aaa authentication ssh console LOCAL

3)Configuration to choose the SSH version(SSHv2):

asa(config)# ssh version 2

Reference:

http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/69373-ssh-inside-out-pix7x.html

Source:

https://supportforums.cisco.com/discussion/11581111/how-enable-ssh-asa-5525

https://supportforums.cisco.com/discussion/11316931/cannot-ssh-telnet-cisco-asa-5580