Friday, March 11, 2011

Enabling SSH on Cisco Device

The following session shows the procedure for enabling SSH on a Cisco router:

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#crypto key generate rsa
% Please define a hostname other than Router.
Router(config)#hostname RT1
RT1(config)#crypto key generate rsa
% Please define a domain-name first.
RT1(config)#ip domain-name test.com
RT1(config)#crypto key generate rsa
The name for the keys will be: RT1.test.com
Choose the size of the key modulus in the range of 360 to 2048 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.

How many bits in the modulus [512]: 1024
Generating RSA keys ...
[OK]

RT1(config)#
00:00:37: %SSH-5-ENABLED: SSH 1.99 has been enabled
RT1(config)#^Z
RT1#
RT1#sh ip ssh
SSH Enabled - version 1.99
Authentication timeout: 120 secs; Authentication retries: 3
RT1#
RT1#sh ssh
%No SSHv2 server connections running.
%No SSHv1 server connections running.
RT1#
RT1#sh crypto key mypubkey rsa
% Key pair was generated at: 10:31:59 UTC Nov 20 2008
Key name: RT1.test.com
 Usage: General Purpose Key
 Key Data:
  30819F30 0D06092A 864886F7 0D010101 05000381 8D003081 89028181 00B357DC
  9A834E22 90813C9C 467F5347 4BB44A47 C4D988F5 9E5B304E DC5F49C0 D99615CF
  03D1A53B 084163BD 645AE36F 559D23C5 CB22846D EDE9C149 9837B6C7 BD98D546
  9329F7C9 4619ACE5 CD4B8884 C6630F03 6DDFE0D6 C24BE740 874A68D4 332FAF18
  A1DB3452 9A87BC2C 380E288D BA8E57F0 056225B9 7C9EE898 EDE73C22 C5020301 0001
% Key pair was generated at: 10:32:01 UTC Nov 20 2008
Key name: RT1.test.com.server
 Usage: Encryption Key
 Key Data:
  307C300D 06092A86 4886F70D 01010105 00036B00 30680261 00AE50E8 5BAE5D43
  A407A61F 8F6FCEF2 28A308B7 612B8375 0DD76815 3816538F F43D1D42 7927EC08
  FBDE6411 4C44BBC5 C4D39744 77D98109 FD0D8234 DDF5E75C FA51538C 327EA2A9
  29BB5D7D 47458336 24A78731 1FAA5570 03F7893A B7530A62 65020301 0001
RT1#
RT1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
RT1(config)#crypto key zeroize rsa
% Keys to be removed are named RT1.test.com.
Do you really want to remove these keys? [yes/no]: yes
RT1(config)#
00:03:12: %SSH-5-DISABLED: SSH 1.99 has been disabled
RT1(config)#^Z
RT1#
RT1#sh ip ssh
SSH Disabled - version 1.99
%Please create RSA keys to enable SSH.
RT1#
RT1#sh crypto key mypubkey rsa
RT1#
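
An added example, not part of the original post: a Python check that takes the `sh ip ssh` version line and the General Purpose `Key Data` from the session above and reports what a hardening review would flag. The 2048-bit minimum and the names `read_tlv`, `rsa_modulus_bits` and `audit` are assumptions of this example.

```python
import re

# Sample input copied from the session above (General Purpose key only).
SHOW_IP_SSH = "SSH Enabled - version 1.99"
KEY_DATA = """
  30819F30 0D06092A 864886F7 0D010101 05000381 8D003081 89028181 00B357DC
  9A834E22 90813C9C 467F5347 4BB44A47 C4D988F5 9E5B304E DC5F49C0 D99615CF
  03D1A53B 084163BD 645AE36F 559D23C5 CB22846D EDE9C149 9837B6C7 BD98D546
  9329F7C9 4619ACE5 CD4B8884 C6630F03 6DDFE0D6 C24BE740 874A68D4 332FAF18
  A1DB3452 9A87BC2C 380E288D BA8E57F0 056225B9 7C9EE898 EDE73C22 C5020301 0001
"""
MIN_BITS = 2048  # assumed policy threshold, not taken from the page

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def rsa_modulus_bits(key_data):
    """Modulus size in bits of a SubjectPublicKeyInfo printed as IOS hex words."""
    der = bytes.fromhex("".join(key_data.split()))
    _, spki, _ = read_tlv(der, 0)           # outer SEQUENCE
    _, _, pos = read_tlv(spki, 0)           # AlgorithmIdentifier, skipped
    tag, bits, _ = read_tlv(spki, pos)      # BIT STRING wrapping RSAPublicKey
    if tag != 0x03:
        raise ValueError("expected BIT STRING")
    _, rsa_key, _ = read_tlv(bits[1:], 0)   # drop the unused-bits byte
    tag, modulus, _ = read_tlv(rsa_key, 0)  # first INTEGER is the modulus
    if tag != 0x02:
        raise ValueError("expected INTEGER")
    return int.from_bytes(modulus, "big").bit_length()

def audit(show_ip_ssh, key_data):  # returns a list of finding strings
    findings = []
    m = re.search(r"version (\d+\.\d+)", show_ip_ssh)
    if m and m.group(1) != "2.0":  # 1.99 means both SSHv1 and SSHv2 are served
        findings.append(f"SSH version {m.group(1)}: SSHv1 clients are still accepted")
    bits = rsa_modulus_bits(key_data)
    if bits < MIN_BITS:
        findings.append(f"RSA modulus is {bits} bits, below {MIN_BITS}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SHOW_IP_SSH, KEY_DATA)))
```

On IOS, `ip ssh version 2` restricts the server to SSHv2, after which `sh ip ssh` reports version 2.0; regenerating the key with a 2048-bit modulus clears the second finding.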
