Enabling SSH on a Cisco Router for Secure Remote Login


  1. Ensure you have a hostname configured on your router:
    Router#conf t
    Router(config)#hostname router23
  2. You must also configure a domain name:
    Router(config)#ip domain-name soundtraining.net
  3. Generate an RSA keypair with a key length of 1024 bits using the following command. The router reports the name it will give the keys and then prompts for the modulus size; enter 1024 at the prompt:
    router(config)#crypto key generate rsa
    The name for the keys will be: routername.soundtraining.class (where routername is your router’s hostname)
    Choose the size of the key modulus in the range of 360 to 2048 for your
    General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.
    How many bits in the modulus [512]: 1024
    % Generating 1024 bit RSA keys …[OK]
  4. Create a username in the router’s local database for SSH authentication using the following command (for the purpose of the exercise, use the username “user15”):
    router01(config)#username user15 privilege 15 secret 0 p@ss5678
  5. Enable login authentication against the local database when logging in to a terminal line with the following commands:
    router01(config)#line vty 0 4
    router01(config-line)#login local
  6. Enable SSHv2 and the previously configured keypair with the following commands:
    router01(config)#ip ssh version 2
    router01(config)#ip ssh rsa keypair-name routername.soundtraining.class (where routername is your router’s hostname)
  7. Attempt to log in to your router using the PuTTY SSH client, available from www.putty.org

source: http://www.soundtraining.net/i-t-tutorials/cisco-tutorials/31-cisco-router-ssh-configuration
