Cisco device configuration SSH Login

Source: Internet
Author: User
Tags modulus

a pilot topology

Two-server configuration

① configuring hostname and domain name

Because RSA's secret key is generated using hostname and domain name.

Router (config) #host Server

Server (config) #ip domain name

② generating the RSA secret key

When the RSA key is generated, the SSH service automatically turns on and turns off automatically.

RSA Span style= "Color:rgb (255, 0, 0); font-size:16px; Font-family: the song body; > key pair, use crypto Key zeroize RSA global configuration mode command. Delete RSA ssh The server will automatically disable

Server (config) #crypto key generate RSA

The name for the keys would

Choose the size of the key modulus in the range of 4096 for your

General Purpose Keys. Choosing a key modulus greater than

A few minutes.

How many bits in the modulus [512]: 2048//Set secret key length

% generating 2048 bit RSA keys, keys would be non-exportable ...

[OK] (Elapsed time was 7 seconds)

Server (config) #

*may 2 09:50:12.583:%ssh-5-enabled:ssh 1.99 has been enabled//SSH auto-open

③ Configuring user Names and Passwords

Server (config) #username admin Privilege 0 Secret Cisco// here if privilege is not 0 The privileged mode is automatically entered when SSH (i.e. no enable command is required and the enable password is not required)

④ Configuring the Enable password

Server (config) #enable secret Cisco

⑤ Configuration Vty

Server (config) #line vty 0 4

Server (config-line) #exec-timeout 10 0

Server (config-line) #logging synchronous

Server (config-line) #login Local

Server (config-line) #transport input SSH

Other settings for ⑥ssh

Server (config) #ip ssh time-out//ssh time-out

Server (config) #ip ssh authentication-retries 2//ssh The number of authentication failures

Server (config) #ip versions of SSH version 2//ssh

Server (config) #ip ssh source-interface fastethernet 0/0//Specify interface if a VLAN is also available, the other interfaces on the device cannot be SSH when the interface is specified

Three-Test Login

Note: Using the SSH command above the Cisco device requires the user to be specified (if username is not configured locally)

Client#ssh-l Admin Passwor




Server#conf T

Enter configuration commands, one per line. End with cntl/z.

Server (config) #end

Cisco device configuration SSH Login

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.