Monday 29 August 2016

Configure SSH access on a CISCO Router


The only way to access a Cisco device physically is through console access (of course, we have USB now). But what if the router or switch is in a remote location?

We can use Telnet to access the router, but Telnet is not a secure way of communicating: the username and password are transmitted in plain text, which makes the credentials easy to capture. So we need a secure way of accessing remote devices. This is where SSH comes in. SSH is a secure way of remote access with RSA encryption. Let's see how to configure SSH on a Cisco device.

Log in to the router using the console or Telnet and configure the following.

First, we need to set up the basic configuration.

1. Set hostname and domain-name
   Router>enable
   Router#configure terminal
   Router(config)#hostname lab5
   Lab5(config)#ip domain-name lab5.com
   Lab5(config)#enable secret cisco123
   Lab5(config)#username XXXX privilege 15 secret XXXX

Now we have to configure RSA. If we use SSH version 2, then we have to use a key of 512 bits or above.

2. Generate the RSA keys
   Lab5(config)#crypto key generate rsa
   The name for the keys will be: lab5.com
   Choose the size of the key modulus in the range of 360 to 2048 for your
   General Purpose Keys. Choosing a key modulus greater than 512 may take
   a few minutes.

   How many bits in the modulus [512]: 1024
   % Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

3. Next, set up the VTY lines
   Lab5(config)#line vty 0 4
   Lab5(config-line)#login local
   Lab5(config-line)#transport input ssh

4. Set up the IP address
   Lab5(config)#int g0/1
   Lab5(config-if)#ip add 192.168.100.1 255.255.255.0
   Lab5(config-if)#no shutdown


That's all. Use PuTTY or CMD to connect to your router.

In CMD, use: ssh -l Username IPaddress
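
To confirm that a device actually ended up with the settings from steps 1 to 3, the following Python script audits a saved running-config for them. It is an added example, not part of the original post; the sample config, the `admin` username and the function name `audit_ssh_config` are constructed for illustration.

```python
import re

# Constructed sample running-config for illustration (not from a real device).
SAMPLE_CONFIG = """\
hostname lab5
ip domain-name lab5.com
username admin privilege 15 secret 5 $1$constructed
line con 0
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login
 transport input telnet ssh
"""

def audit_ssh_config(config):
    """Return a list of findings for the settings this walkthrough configures."""
    findings = []
    lines = config.splitlines()
    # Global prerequisites: hostname and domain name (for the RSA key), local user.
    required = {"hostname": r"hostname \S+",
                "ip domain-name": r"ip domain[- ]name \S+",
                "local username": r"username \S+ .*secret "}
    for label, pattern in required.items():
        if not any(re.match(pattern, l) for l in lines):
            findings.append(f"global: no {label} configured")
    # Collect each 'line vty' header together with its indented sub-commands.
    blocks, current = {}, None
    for l in lines:
        if l.startswith("line vty"):
            current = l.strip()
            blocks[current] = []
        elif l.startswith(" ") and current:
            blocks[current].append(l.strip())
        else:
            current = None
    for name, body in blocks.items():
        if "login local" not in body:
            findings.append(f"{name}: missing 'login local'")
        transport = next((b for b in body if b.startswith("transport input")), None)
        if transport is None:
            findings.append(f"{name}: 'transport input' not set explicitly")
        elif transport.split()[2:] != ["ssh"]:
            findings.append(f"{name}: '{transport}' allows more than SSH")
    return findings

if __name__ == "__main__":
    for finding in audit_ssh_config(SAMPLE_CONFIG):
        print(finding)
```

In the sample, only `line vty 0 4` was hardened, so the remaining VTY lines still accept Telnet; the audit reports both problems on `line vty 5 15`.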
