In my previous article: Using SSH Instead of Telnet I gave you an overview why you must use SSH instead of telnet. In this article I will show you how to configure a router as an SSH server. Keep in mind that you will need an SSH client to connect to the server. Popular SSH clients are Teraterm, Putty and OpenSSH.
Before configuring SSH, verify that you have configure your router as AAA server with local authentication and you have set all the appropriate usernames and passwords
Here is the configuration:
Configure the hostname on the device
Router(config)#hostname yourhostname
- Configure the domain name
Router(config)#ip domain-name yourdomain.com
- Generate RSA keys
Router(config)# crypto key generate rsa
- Configure the SSH sessions timeouts
Router(config)#ip ssh timeout seconds
- Configure the SSH retries
Router(config)#ip ssh authentication-retries number of retries
- Disable the telnet in the inbound direction on your vty lines
Router(config)#line vty 0 4
Router(config-line)#no transport input telnet
- Enable SSH on the vty
Router(config-line)#transport input ssh
Now you are ready to access your devise securely with your SSH client.
as8ahaycm91f80wc