30th Dec 11
Mohammed Alani
When would you need this: When you need to configure your router remotely through an insecure environment.
Special Requirements: IOS version over 12.1.3.T (with a "k9" in its feature set).
Using Telnet over the Internet is not a smart choice. This is due o the fact that Telnet transports everyhting in plaintext without kind of encryption. The alternative for that is the use of Secure Shell Host (SSH). SSH encrypts the traffic between the router and the terminal to ensure protection of the content. Lets jump into the configuration now:
1. You need to setup a hostname and domain-name because they will be used in generating the security keys used in encryption:
Router#config t
Router(config)#hostname ROUTERNAME
ROUTERNAME(config)#ip domain-name SOMEDOMAIN.COM
where,
ROUTERNAME is the hostname of your choice
SOMEDOMAIN.COM is the domain name of your network. If you are not using a domain name, just give any name for the sake of SSH.
2. Generate the keys to be used for the RSA encryption:
ROUTERNAME(config)#crypto key generate rsa
[sniplet adsense]
Read the rest of the article in the Router Geek Book: Guide to Cisco Routers Configuration
Max
February 19th, 2012 at 12:04
Nice website. Found some useful information. Keep it up.
NOTE: ‘ip ssh port PORTNUMBER’ is incomplete command. IMOH, it should look like this:
Router(config)#ip ssh port PORTNUMBER rotary 1
Router(config)#line vty 0 15
Router(config-line)#rotary 1