When we use Telnet to log on to the device, the user name and password are transmitted in clear text, in order to ensure the security of the data, we recommend the use of SSH login device. The following is the configuration of the Cisco router SSH:
1. Configuring hostname and Domain-name
R1 (config) #hostname R1
R1 (config) #ip domain-name frame.com
2. Generate the key, here is the 1024-bit key, the key length range is 360-2048
R1 (config) #crypto key generate RSA General-keys modulus 1024
The name for the keys would be:R1.frame.com
% The key modulus size is 1024x768 bits
% generating 1024x768 bit RSA keys, keys would be non-exportable ... [OK]
R1 (config) #
3. Configure the SSH information
Configure the version of SSH that you are using:
R1 (config) #ip SSH version 2
To configure the timeout period for an SSH session:
R1 (config) #ip ssh time-out 120
To configure the maximum number of SSH authentications:
R1 (config) #ip ssh authentication-retries 3
Enable SSH and Telnet authentication:
R1 (config) #line vty 0 4
R1 (config-line) #transport input ssh telnet
R1 (config-line) #login Local//Use authentication locally, you must enter a user name and password when logging in, if no login, no password is required
4. Configure local authentication Users
R1 (config) #username frame password Cisco
5. telnet and SSH login test
Telnet login:
R2#telnet 1.1.1.1
Trying 1.1.1.1 ... Open
Username:frame
Password:
R1>
SSH Login:
R2#ssh-l Frame 1.1.1.1
Password:
R1>
Specifies the user name of the login by using-L.
Server-side view SSH session: Show SSH
R1#sh SSH
Connection Version Mode Encryption Hmac State Username
0 1.99 in AES128-CBC hmac-sha1 Session started frame
0 1.99 out AES128-CBC hmac-sha1 Session started frame
%no SSHV1 server connections running.
This article is from the "Blossom as ever" blog, please be sure to keep this source http://sunrisenan.blog.51cto.com/10217407/1871858
Cisco router SSH Login