Tuesday 20 March 2012

Cisco's SSH

SSH by default runs in compatibility mode; that is, both SSH Version 1 and SSH Version 2 connections are honored. You can limit the choice using the command ip ssh version. SSH Version 1 is a protocol that has never been defined in a standard, so it is best to always set the SSH version to 2.


Method 1 to enable SSH

Set the hostname (hostname xxx)
Set the domain name (ip domain-name xxx)
Generate the key pair (crypto key generate rsa)

Key size:
Default: 512 bits (results in SSH v1.5)
>= 768 bits (results in SSH v2)
2048 (max bit size)






Method 2 to enable SSH



ip ssh rsa keypair-name abckey
crypto key generate rsa label abckey

Key size:
Default: 512 bits (results in SSH v1.5)
>= 768 bits (results in SSH v2)
2048 (max bit size)
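A check for the settings described above, as an added example that is not part of the original post: it audits running-config text for the SSH version setting and the Method 1 / Method 2 prerequisites, and classifies the first line of show ip ssh output. The sample configs are constructed, treating the hostname Router as unset is an assumption, and the 1.99 banner value for compatibility mode comes from IOS behaviour rather than from this page.

```python
import re

# Constructed sample configs (not from a real device).
WEAK = "hostname Router\n!\nline vty 0 4\n login local\n"
METHOD1 = "hostname edge1\nip domain-name example.com\nip ssh version 2\n"
METHOD2 = "hostname Router\nip ssh rsa keypair-name abckey\nip ssh version 2\n"


def audit_running_config(config):
    """Return SSH findings for an IOS running-config supplied as text."""
    # Only global (non-indented) commands matter for these checks.
    top = [l.strip() for l in config.splitlines() if l and not l.startswith(" ")]
    findings = []
    version = next((l.split()[-1] for l in top if l.startswith("ip ssh version ")), None)
    if version is None:
        findings.append("no 'ip ssh version': compatibility mode, SSHv1 and SSHv2 both honored")
    elif version != "2":
        findings.append("'ip ssh version %s': SSHv1 is enabled" % version)
    # Method 2 binds a named key pair to SSH, so hostname/domain are not checked.
    if not any(l.startswith("ip ssh rsa keypair-name ") for l in top):
        # Assumption: the factory-default hostname "Router" counts as not set.
        if not any(re.fullmatch(r"hostname (?!Router$)\S+", l) for l in top):
            findings.append("hostname not set (Method 1)")
        # Accept both the older and newer spelling of the domain command.
        if not any(re.match(r"ip domain[- ]name \S+", l) for l in top):
            findings.append("domain name not set (Method 1)")
    return findings


def ssh_mode(show_ip_ssh):
    """Classify the 'SSH Enabled - version X' line of 'show ip ssh' output."""
    m = re.search(r"SSH Enabled - version (\d+\.\d+)", show_ip_ssh)
    if not m:
        return "disabled-or-unknown"
    modes = {"1.5": "v1-only", "1.99": "compatibility", "2.0": "v2-only"}
    return modes.get(m.group(1), "unknown")


if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("METHOD1", METHOD1), ("METHOD2", METHOD2)):
        print(name, audit_running_config(cfg) or "ok")
    print(ssh_mode("SSH Enabled - version 1.99"))
```

The key size is not visible in the running-config, so the 512 versus 768-or-larger distinction still has to be confirmed on the device.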



