How to Enable SSH on Cisco

Getting remote access of devices is essential for management of your network. SSH and Telnet are most widely used services. SSH is considered to be more secure then Telnet as SSH used encryption technologies. In this article I will explain how to enable SSH on Cisco devices (Router and Switches).

For this configuration I assume that you have already configured IP address and Router on your device, i.e your device is reachable from remote site.

Now configure Host name for your device with command

Router(config)#hostname R1

Once host name is configured, configure domain name. Domain name and host name are required for crypto certificate which will be used for encryption mechanism.

R1(config)#ip domain-name

Now we  can configure crypto key for our device. Crypto keys are required to enable SSH.

R1(config)#crypto key generate rsa general-keys modulus 1024

here 1024 is size of crypto key, Cisco recommend to use any size above 512 bit. We are creating general keys, their is an option to create key for export, which can be used for login on device without any username or password, which I will explain in next article.

Now we need to configure username and password for device:-

R1(config)#username aakar password aakar

enable password is also required to login on device:-

R1(config)#enable password aakar

If you don’t want to use enable password then you can configure your user’s privileges as 15, with below command

R1(config)#username aakar privilege 15

Now enable SSH service on your device so that we can connect to it.

R1(config)#line vty 0 4
R1(config-line)#login local
R1(config-line)#transport input ssh

login local explain that username and password for authentication will be used from local database, which we have created earlier.

transport input ssh explain that only ssh method will be used for incoming connection, other wise your device will run on telnet also.

This is it Configuration is done.

Add a Comment