Thursday, December 15, 2016

Enabling SSH on Cisco Routers / Switches for Local Users

A basic yet useful note, so I made a post for my future reference.


1. Configure Domain name
Without a domain name, the router will not be able to generate an RSA key pair.
ip domain name roshanznet.local

2. Generate Crypto keys
This command generates the key pair used for encryption and decryption of data. Keys of 1024 bits will be enough and processor friendly.
crypto key generate rsa

3. Enable SSH v2
This enables SSH version 2, the more advanced and widely used version of the protocol.
ip ssh version 2

4. Create Local User Accounts
These will be used as login credentials
username roshan privilege 15 password cisco

5. Allow SSH on vty
These commands define the allowed input transport on the vty lines and use the local user database for login.
line vty 0 4
transport input ssh
login local

Because the keys are generated by the router itself, when you first connect to it using a terminal client, it will show a host key warning. Hit yes and you are in.
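
As an added example (not part of the original post), the Python script below audits a running-config against steps 1, 3, 4 and 5 above. The sample config, the user "backup", the vty 5 15 block and the names audit and VTY_BLOCK are assumptions made for illustration.

```python
import re

# Constructed running-config excerpt (user 'backup' and vty 5 15 are not in the post).
SAMPLE_CONFIG = """\
ip domain name roshanznet.local
ip ssh version 2
username roshan privilege 15 password cisco
username backup privilege 15 secret 5 $1$constructed$hash
line vty 0 4
 transport input ssh
 login local
line vty 5 15
 transport input telnet ssh
 login
"""

# A 'line vty' header followed by its indented sub-commands.
VTY_BLOCK = re.compile(r"^(line vty .*)(?:\n|\Z)((?: .*(?:\n|\Z))*)", re.M)

def audit(config):
    """Return findings for steps 1, 3, 4 and 5 of the post."""
    findings = []
    if not re.search(r"^ip domain[ -]name \S+", config, re.M):
        findings.append("no domain name configured")
    if not re.search(r"^ip ssh version 2\s*$", config, re.M):
        findings.append("SSH version 2 not enforced")
    users = re.findall(r"^username (\S+) (.*)$", config, re.M)
    if not users:
        findings.append("no local user accounts")
    for name, rest in users:
        # 'password' is stored in clear text or reversible type 7; 'secret' is hashed.
        if re.search(r"\bpassword\b", rest):
            findings.append(f"user {name}: 'password' used instead of 'secret'")
    for header, raw in VTY_BLOCK.findall(config):
        body = [cmd.strip() for cmd in raw.splitlines()]
        transports = [c.split()[2:] for c in body if c.startswith("transport input")]
        if transports != [["ssh"]]:
            findings.append(f"{header}: transport input is not ssh-only")
        if "login local" not in body:
            findings.append(f"{header}: 'login local' missing")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```

The RSA modulus chosen in step 2 is not checked, because the key pair does not appear in running-config.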
