In this article I will describe how to configure SSH on a Cisco device.
Connect to the device via telnet or a console cable and switch to privileged mode:
enable
Set the date and time (necessary for key generation):
show clock
clock set 12:36:10 3 Apr 2019
Go to configuration mode:
configure t
Specify the domain and device name (required for key generation):
ip domain name test
hostname Test
You can also configure NTP to synchronize time:
ntp clock-period 36029117
ntp max-associations 1
ntp server 192.168.2.2 version 2 source Vlan207
Generate an RSA key pair for SSH (after entering the command, you are prompted for the key length, for example 1024):
crypto key generate rsa
Enable encrypted storage of passwords in the configuration:
service password-encryption
Create an access list of the addresses that will be allowed to connect to the device:
access-list 11 permit 192.168.5.5
access-list 11 permit 192.168.2.2
Allow connections only via SSH, terminate sessions after 5 minutes of inactivity, and permit connections only from the addresses specified in access-list 11:
ip ssh version 2
line vty 0 15
transport input ssh
exec-timeout 5 0
access-class 11 in
exit
Create an admin user:
username admin privilege 15 secret PASSWORD
Set the password for privileged mode:
enable secret PASSWORD
Enable AAA:
aaa new-model
Now you can try to connect to the device via SSH. If everything works, exit configuration mode, check the configuration and save it:
exit
show running-config
copy run start
write
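An added example, not part of the original article: a Python check that parses saved "show running-config" output and confirms that the settings from the steps above are present on every vty range. The sample configuration and the function names are constructed for illustration; the running configuration may list vty lines as separate ranges (for example 0 4 and 5 15), so each range is checked on its own.

```python
import re

# Constructed sample of "show running-config" output (hashes are placeholders).
# The second vty range is deliberately left weak so the audit reports findings.
SAMPLE_CONFIG = """\
aaa new-model
enable secret 5 <constructed-hash>
username admin privilege 15 secret 5 <constructed-hash>
ip ssh version 2
line vty 0 4
 access-class 11 in
 exec-timeout 5 0
 transport input ssh
line vty 5 15
 transport input telnet ssh
"""

def vty_blocks(config):
    """Map each 'line vty' header to the list of its indented sub-commands."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line vty"):
            current = blocks.setdefault(raw.strip(), [])
        elif raw.startswith(" ") and current is not None:
            current.append(raw.strip())
        else:
            current = None  # any other top-level line ends the section
    return blocks

def audit(config):
    """Return a list of findings; an empty list means every check passed."""
    lines = [l.strip() for l in config.splitlines()]
    findings = [f"missing global command: {cmd}"
                for cmd in ("ip ssh version 2", "aaa new-model") if cmd not in lines]
    if not any(l.startswith("enable secret ") for l in lines):
        findings.append("enable secret is not set")
    if any(re.match(r"username \S+ (.* )?password ", l) for l in lines):
        findings.append("a username uses 'password' instead of 'secret'")
    for header, cmds in vty_blocks(config).items():
        if "transport input ssh" not in cmds:
            findings.append(f"{header}: transport input is not SSH-only")
        if not any(re.fullmatch(r"access-class \S+ in", c) for c in cmds):
            findings.append(f"{header}: no inbound access-class")
        if "exec-timeout 0 0" in cmds or not any(c.startswith("exec-timeout ") for c in cmds):
            findings.append(f"{header}: idle timeout disabled or left at default")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)) or "all checks passed")
```

For the sample above the audit reports three findings, all for "line vty 5 15", which is what happens when the vty settings were applied to only part of the line range.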