Enabling SSH for remote management of Cisco devices

By | April 22, 2012

The network looks like the below

The IP address have be preconfigured as 192.168.1.x/24. The first thing we need to do is to set up a domain name. This is used to generate the rsa keys for SSH.

R1(config)# ip domain-name cisco.com

Once we have set the domain name we need to generate security keys for SSH.

R1(config)# crypto key generate rsa

we now need to select the key size. we need a minimum of 768 bits for SSH ver 2. We then need to set the version to version 2.

Once this is done we need to create a username and password for us to be able to SSH to our router. This is done like below.

R1(config)# username user password cisco

We now need to go under the vty lines and use the command “login local” to get the router to accept logins from the local user database.

R1(config)# line vty 0 4
R1(config-line)# login local

Now to test our config. On R2 we use the following command to SSH to R1 where -v is version and -l is login

R2# ssh -v 2 -l user

We have now connected to R1 using SSHv2