• How to Configure SSH on a Cisco Router

      2 comments

    When would you need this: When you need to configure your router remotely through an insecure environment.

    Special Requirements: IOS version over 12.1.3.T (with a "k9" in its feature set).

    Using Telnet over the Internet is not a smart choice. This is due o the fact that Telnet transports everyhting in plaintext without kind of encryption. The alternative for that is the use of Secure Shell Host (SSH). SSH encrypts the traffic between the router and the terminal to ensure protection of the content. Lets jump into the configuration now:

    1. You need to setup a hostname and domain-name because they will be used in generating the security keys used in encryption:

    Router#config t

    Router(config)#hostname ROUTERNAME

    ROUTERNAME(config)#ip domain-name SOMEDOMAIN.COM

    where,

    ROUTERNAME is the hostname of your choice

    SOMEDOMAIN.COM is the domain name of your network. If you are not using a domain name, just give any name for the sake of SSH.

    2. Generate the keys to be used for the RSA encryption:

    ROUTERNAME(config)#crypto key generate rsa


     

    Read the rest of the article in the Router Geek Book: Guide to Cisco Routers Configuration

    • Nice website. Found some useful information. Keep it up.

      NOTE: ‘ip ssh port PORTNUMBER’ is incomplete command. IMOH, it should look like this:
      Router(config)#ip ssh port PORTNUMBER rotary 1
      Router(config)#line vty 0 15
      Router(config-line)#rotary 1

    Write a comment