https://supportforums.cisco

shraddha.pajwani · ‎08-09-2016

I have two routers that is connected to two different service provider which can access via telnet however can not be accessed via SSH.

ine vty 0 4
access-class 23 in vrf-also
privilege level 15
transport input telnet ssh
line vty 5 15
access-class 23 in vrf-also
privilege level 15
transport input telnet ssh

access-list 23 permit X.X.246.84
access-list 23 permit X.X.184.164
access-list 23 permit X.X.230.94
access-list 23 permit 10.0.0.0 0.255.255.255
access-list 23 permit X. X.235.0 0.0.0.248

I like to get SSH access along with Telnet access. Please advise.

Thank you

Shraddha

Aditya Ganjoo · ‎08-09-2016

Hi Shraddha,

Have you generated the crypto key for SSH ?

Could you share the output of show ip ssh ?

If you have all the config for SSH then please share the output of debug ip ssh.

Regards,

Aditya

Please rate helpful posts and mark correct answers.

shraddha.pajwani · ‎08-10-2016

Hi, Aditya

I don't have crpto key for SSH. Rest of the routers in network are logging in using putty SSH and can login successfully with SSH access. Besides these two routers that are connected to ISP.

show ip ssh
SSH Disabled - version 2.0
%Please create RSA keys to enable SSH (and of atleast 768 bits for SSH v2).
Authentication methods:publickey,keyboard-interactive,password
Encryption Algorithms:aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
MAC Algorithms:hmac-sha1,hmac-sha1-96
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded): NONE

Karsten Iwen · ‎08-15-2016

https://supportforums.cisco.com/document/12338141/guide-better-ssh-security

SSH access on router