Cisco - Enable SSH login

Setting the Enable Mode Password

1

(Config)#enable secret ccna

To enable login access to the vty lines, you must first set the password for the enable mode. Otherwise, you will not be able to enter the enable mode after logging in.

Configure a Domain Name

1

(config)#ip domain-name ccna.com

Using ip domain-name to setup domain name ccna.com

Generate an RSA key pair

1

(config)#crypto key generate rsa

How many bit in the modulus[512]:1024

Using 1024-bit encryption (default is 512).

Enable SSH Connection

1

(config)#ip ssh version 2

Specify the version of SSH is 2

Create Local Account

1

(config)#username cisco privilege 15 secret ccna
CommandDescription
username cisco secret ccnaCreate a user account with the username “cisco” and a secret password of “ccna”.
privilege 15Set the user account to the highest privilege level (i.e., level 15), which provides full access to all commands on the device.

Configure the VTY lines to use SSH

1

(config)#line vty 0 4

Enabling 0-4 VTY connections (i.e., maximum of 5 simultaneous connections).

Use the local account for authentication

1

(config-line)#login local

Use the local username and password

Use SSH transport

1

(config-line)#transport input ssh

Save the configuration

1
2

end
copy running-config startup-config

Testing SSH Connection

1

 #ssh -l cisco 10.255.255.254

Test logging in to another Cisco device.

10.255.255.254 is the IP address of the router.

image-20210917075953454

Or use a Windows SSH terminal.

After completing these steps, you should be able to SSH into the Cisco device using the configured username and password.

Reference: