US Region

Grandmetric LLC
Lewes DE 19958
16192 Coastal Hwy USA
EIN: 98-1615498
+1 302 691 94 10

EMEA Region

ul. Metalowa 5, 60-118 Poznań, Poland
NIP 7792433527
+48 61 271 04 43


Grandmetric LTD
Office 584b
182-184 High Street North
E6 2JA
+44 20 3321 5276

  • en
  • pl
  • How to enable SSH on Cisco device?

    Design & Configure

    How to enable SSH on Cisco device?

    Technology: Device Management
    Area: SSH
    Vendor: Cisco
    Software: 12.X , 15.X, Crypto Images
    Platform: Catalyst 2960-X, Catalyst 3560, ISR Routers

    Secure Shell (SSH) allows encrypted communication with devices. How to enable SSH on Cisco device? You need to have crypto image (or license supporting SSH). First, generate RSA keys for encryption. To generate them you need to specify hostname of device and any domain name.

    Router(config)#hostname Router-Branch
    Router-Branch(config)#ip domain-name grandmetric.labs
    Router-Branch(config)#crypto key generate rsa
    The name for the keys will be:
    Choose the size of the key modulus in the range of 360 to 4096 for your
    General Purpose Keys. Choosing a key modulus greater than 512 may take
    a few minutes.
    How many bits in the modulus [512]: 1024
    % Generating 1024 bit RSA keys, keys will be non-exportable...
    [OK] (elapsed time was 1 seconds)
    ! generate keys
    Router-Branch(config)#%SSH-5-ENABLED: SSH 1.99 has been enabled

    To enable ssh authentication you need to configure at least local username and password (SSH doesn’t allow loging without user/pass pair):

    Router(config)#username testuser privilege 15 secret GMSL@BS

    And create authentication list pointing to local database of users

    Router(config)#aaa new-model
    Router(config)#aaa authentication login default local
    Router(config)#line vty 0 15
    Router(config-line)#transport input ssh


    Author: Marcin Bialy