SSH became available in Cisco's IOS, starting with release 12.1(1)T. However, only versions of IOS that support IPSec (DES or 3DES) encryption include SSH support.
Beginning with IOS Version 12.3(4)T, Cisco introduced support for SSH Version 2. The configuration is identical. However, only IOS versions that support 3DES encryption will support SSH Version 2. Also, the RSA key-pair size must be greater than or equal to 768.
Configuring SSH for secure encrypted remote access to your router
RTR1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
RTR1(config)#hostname Router1
RTR1(config)#ip domain-name oreilly.com
RTR1(config)#crypto key generate rsa
The name for the keys will be: Router1.oreilly.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.
How many bits in the modulus [512]: 1024
Generating RSA keys ...
[OK]
RTR1(config)#ip ssh time-out 120
RTR1(config)#ip ssh authentication-retries 4
RTR1(config)#line vty 0 4
RTR1(config-line)#transport input ssh
RTR1#
No comments:
Post a Comment