My Techie Guy

Thursday, November 16, 2017

How to enable SSH and TELNET access to your CISCO router?


Summary: 

This post shows you how to quickly enable SSH or TELNET access to your Cisco device.

Problem or Goal: 

To allow remote SSH or TELNET access to your Cisco device

Cause:

For remote access and management

Solution: 

1. First, create a username and password to be used for this connection. The service password-encryption command will also encrypt all passwords.

#configure t
Enter configuration commands, one per line.  End with CNTL/Z.
(config)#username admin password my_passwd
(config)#service password-encryption
(config)#do wr
Building configuration...
[OK]
(config)#end
#

2. Check whether the SSH service is enabled

#show ip ssh

SSH Disabled - version 1.99
%Please create RSA keys to enable SSH (and of atleast 768 bits for SSH v2).
Authentication methods:publickey,keyboard-interactive,password
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded): NONE

3. Enable the SSH service. This requires that you define a domain name first.

(config)#ip domain-name mtnss.com
(config)#crypto key generate rsa 
The name for the keys will be: router_name.domain.com
Choose the size of the key modulus in the range of 360 to 4096 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 2 seconds)

*Nov 16 09:15:30.339: %SSH-5-ENABLED: SSH 1.99 has been enabled

4. Check again to confirm that the SSH service has been enabled

#show ip ssh

SSH Enabled - version 1.99
Authentication methods:publickey,keyboard-interactive,password
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded):
ssh-rsa AAAAB3NzaC1yc2EAAAAg5nxMPBibofHZdpO4BGd40p6GXjIMEOOlJTjm0
yIFGjEeH/1wvEE/LIyFH5lm9uxo74wTyC+u9TLLfYwOFhjg+YMihr0Ifpr0kYvb5Vz4lckqWV0a8i

5. Configure line console

#configure t
(config)#line con 0
(config)#logging synchronous
(config)#login local
(config)#do wr
(config)#end

6. Configure line VTY and allow SSH and TELNET

#configure t
(config)#line vty 0 4
(config)#login local
(config)#transport input telnet ssh
(config)#do wr
(config)#end

Problem Solved?

Verify by trying to SSH or TELNET into your device from a remote computer. Make sure the device is reachable over the network before testing SSH or TELNET.
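
The configuration built in steps 1 to 6 stores the user with "password", leaves SSH at version 1.99 (SSHv1 still accepted) and allows Telnet on the VTY lines. As an added example, not part of the original post, this Python script checks a saved running-config for those three settings; the sample config, the example.com domain, the placeholder password string and the function names are constructed for illustration.

```python
import re

# Constructed running-config excerpt modelled on the steps in this post
# (not from a real device; the type 7 string is a placeholder).
SAMPLE_CONFIG = """\
service password-encryption
username admin password 7 <type7-string>
ip domain-name example.com
line con 0
 logging synchronous
 login local
line vty 0 4
 login local
 transport input telnet ssh
"""

def line_blocks(config):
    """Map each 'line ...' header to the list of its indented sub-commands."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = None  # any other top-level line ends the block
    return blocks

def audit(config):
    """Return a list of findings for the remote-access settings."""
    findings = []
    # 'password' is stored in clear text or reversible type 7; 'secret' is hashed.
    for m in re.finditer(r"^username (\S+) password\b", config, re.M):
        findings.append(f"username {m.group(1)}: uses 'password', prefer 'secret'")
    # Without this line the server reports version 1.99 and still accepts SSHv1.
    if not re.search(r"^ip ssh version 2\s*$", config, re.M):
        findings.append("ssh: 'ip ssh version 2' not set")
    for header, cmds in line_blocks(config).items():
        if not header.startswith("line vty"):
            continue
        transport = [c.split()[2:] for c in cmds if c.startswith("transport input")]
        if not transport:
            findings.append(f"{header}: no explicit 'transport input ssh'")
        elif {"telnet", "all"} & set(transport[-1]):
            findings.append(f"{header}: Telnet allowed (clear-text login)")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

Save the output of "show running-config" to a file and pass its contents to audit() to run the same checks against a real device's configuration.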
