How to Setup SSH Access on a Cisco Router for Security

How to Setup SSH Access on a Cisco Router for Security

Telnet connections is not secure the data sent via telnet can be read by a packet sniffer and decoded so it is a security breach . We should avoid using telnet at all the times . we can enable ssh on cisco routers
We need to login to global configuration mode. The first criteria is to set a domain name and hostname of the router on the basis of which the RSA key is generated.

Router(config)#hostname Akash
It sets the username of the cisco router to Akash

Akash(config)#username Akash password abc
This sets the username to akash and password to abc

Akash(config)#ip domain-name routemybrain.com
Akash(config)#crypto key genrerate rsa general –keys modulus 1024

It generates an RSA key of 1024 bits we can set it upto 2048 bits
Now after generating the keys we need to make sure we setup some extra stuff like idle time out and maximum retries
Akash(config)#ip ssh time-out 60
This time out is in seconds

Akash(config)#ip ssh authentication-retries 2
Akash(config)#line vty 0 184

It selects all the lines available . If you leave a single line open hackers can exploit that
Akash(config-line)#transport input ssh telnet

This last command is very important it enables telnet and ssh both but if you want to just enable ssh on the cisco router type

Akash(config-line)#transport input ssh

Subscribe to My Youtube Channel

Akash Deep Singh

|| Eat Packets || Drink Management || Sleep Virtual || Work Linux || Think I.T. || Love MAC || Look After Windows || Dream APPS ||

2 Comments

  1. John   •  

    Hey nice article . I was able to set ssh on my cisco router . Could you please post something about SNMP . I had bad times configuring that

  2. Abir   •  

    Good work.. go ahead.

Leave a Reply

Your email address will not be published. Required fields are marked *