Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

How to enable ssh on cisco router?

user-image
Question added by Sajjad Haider Abbasi , Sr. Manager NOC & Support , Global Connect Synergy
Date Posted: 2014/01/14
Syed Ahmed
by Syed Ahmed , 3rd Line Server Engineer , Redcentric

Hope this info helps you.....

For ssh enabling

 

line vty04

transport input ssh

login local

 

For Port security removal

conf t

no switchport port-security

 

for securing over mac

conf t

Switch(config)# interface gig0/1

Switch(config-if)# switchport port-security mac-address ?

  H.H.H  48 bit mac address

  sticky  Configure dynamic secure addresses as sticky

 

 

Set port to protect

conf t

Switch(config)# interface gigabitethernet0/1

Switch(config-if)# switchport protected

 

 

Set RSTP

MSTP—This spanning-tree mode is based on the IEEE802.1s standard. You can map multiple VLANs to the same spanning-tree instance, which reduces the number of spanning-tree instances required to support a large number of VLANs. The MSTP runs on top of the RSTP (based on IEEE802.1w), which provides for rapid convergence of the spanning tree by eliminating the forward delay and by quickly transitioning root ports and designated ports to the forwarding state. In a switch stack, the cross-stack rapid transition (CSRT) feature performs the same function as RSTP. You cannot run MSTP without RSTP or CSRT

 

 

Beginning in privileged EXEC mode, follow these steps to restrict input to an interface by limiting and identifying MAC addresses of the stations allowed to access the port:

 

 

Fahad Faiz
by Fahad Faiz , Executive II , WorldCall Telecom Limited - An Omantel Company

Router(config)#hostname R1        ! Whatever Hostname you want for your router 

R1(config)#enable secret cisco   ! Whatever password to want to set, because it will be needed to enter in global config mode

R1(config)#ip domain-name Cipher  ! This cmd is important while enabling ssh inthe router

R1(config)#crypto key generate rsa  

The name for the keys will be: R1.Cipher

Choose the size of the key modulus in the range of360 to2048 for your General Purpose Keys. Choosing a key modulus greater than512 may take a few minutes.

How many bits in the modulus [512]: 1024

% Generating1024 bit RSA keys, keys will be non-exportable...[OK]

*JAN150:1:24.696:  %SSH-5-ENABLED: SSH1.99 has been enabled 

R1(config)#ip ssh version2  ! Even though, due to the size of the key, it automatically enabled the version2 of ssh, but to make sure we can always use this cmd.

 

! Now enabling Remote connectivity with the SSH protocol

R1(config)#line vty0  ! Only one session can established at a time

R1(config-line)#password cisco  ! Needed when connecting with the router via SSH 

R1(config-line)#transport input ssh ! Here specifically defining which protocol to use when Remotely connecting with the router.  

R1(config-line)#login

 

R1(config-line)#exit

! If your not using any3rd party Client to connect with your router and simply using command prompt to connect with the router. 

C:\\> ssh -l Cipher192.168.1.1     ! Then you need to type this on your cmd prompt , here Cipher is the domain name we mentioned during the config following by the IP address of the router 

Open

 

Password:                         ! Password given in the vty lines

R1> enable

Password:                         ! Enable secret password

 

R1# 

Saqib Mehmood
by Saqib Mehmood , Technical Team Lead/Safety Supervisor , Xchange Technology Group

Router(config)# hostname (routername)

Router (Config) # ip domain-name cisco.com

Router (Config) # crypto key generate rsa

Router (Config) # username (username) password (yourpassword)

Router (Config) # enable password (yourpassword)

Router (Config) #line vty04

Router (Config) # transport input ssh

Router (Config) #login local

More Questions Like This