{"id":711,"date":"2014-01-30T10:06:31","date_gmt":"2014-01-30T10:06:31","guid":{"rendered":"http:\/\/www.balajibandi.com\/?p=711"},"modified":"2018-09-22T10:10:33","modified_gmt":"2018-09-22T09:10:33","slug":"enable-and-configure-secure-shell-ssh-v2-on-cisco-devices","status":"publish","type":"post","link":"https:\/\/www.balajibandi.com\/?p=711","title":{"rendered":"Enable and Configure Secure Shell SSH  v2 On Cisco  Devices"},"content":{"rendered":"<h1><span style=\"text-decoration: underline; color: #3366ff;\"><strong>Enable and Configure Secure Shell SSH v2 On Cisco Devices<\/strong><\/span><\/h1>\n<div><\/div>\n<div><strong>CE1#show ip ssh\u00a0<\/strong><\/div>\n<div><strong>SSH Disabled &#8211; version 1.99<\/strong><\/div>\n<div>%Please create RSA keys to enable SSH (and of atleast 768 bits for SSH v2).<\/div>\n<div>Authentication methods:publickey,keyboard-interactive,password<\/div>\n<div>Authentication Publickey Algorithms:x509v3-ssh-rsa,ssh-rsa<\/div>\n<div>Hostkey Algorithms:x509v3-ssh-rsa,ssh-rsa<\/div>\n<div>Encryption Algorithms:aes128-ctr,aes192-ctr,aes256-ctr<\/div>\n<div>MAC Algorithms:hmac-sha1,hmac-sha1-96<\/div>\n<div>Authentication timeout: 120 secs; Authentication retries: 3<\/div>\n<div>Minimum expected Diffie Hellman key size : 1024 bits<\/div>\n<div>IOS Keys in SECSH format(ssh-rsa, base64 encoded): NONE<\/div>\n<div><strong>CE1#config t<\/strong><\/div>\n<div>Enter configuration commands, one per line.\u00a0 End with CNTL\/Z.<\/div>\n<div><\/div>\n<div><strong>CE1(config)#ip domain-name bb.com<\/strong><\/div>\n<div><\/div>\n<div><strong>CE1(config)#username bbandi password bbandi<\/strong><\/div>\n<div><\/div>\n<div><strong>CE1(config)#crypto key generate rsa\u00a0<\/strong><\/div>\n<div>The name for the keys will be: CE1.bb.com<\/div>\n<div>Choose the size of the key modulus in the range of 360 to 4096 for your<\/div>\n<div>\u00a0 General Purpose Keys. Choosing a key modulus greater than 512 may take<\/div>\n<div>\u00a0 a few minutes.<\/div>\n<div><\/div>\n<div><strong>How many bits in the modulus [512]: 1024<\/strong><\/div>\n<div>% Generating 1024 bit RSA keys, keys will be non-exportable&#8230;<\/div>\n<div>[OK] (elapsed time was 1 seconds)<\/div>\n<div><\/div>\n<div>CE1(config)#<\/div>\n<div>%SSH-5-ENABLED: SSH 1.99 has been enabled<\/div>\n<div><\/div>\n<div><strong>CE1(config)#ip ssh version 2<\/strong><\/div>\n<div><\/div>\n<div><strong>CE1(config)#line vty 0 4<\/strong><\/div>\n<div><\/div>\n<div>C<strong>E1(config-line)#transport input none\u00a0<\/strong><\/div>\n<div><\/div>\n<div><strong>CE1(config-line)#transport input ssh\u00a0<\/strong><\/div>\n<div>CE1(config-line)#end<\/div>\n<div><\/div>\n<div>%SYS-5-CONFIG_I: Configured from console by console<\/div>\n<div><\/div>\n<div><strong>CE1#show ip ssh\u00a0<\/strong><\/div>\n<div><strong>SSH Enabled &#8211; version 2.0<\/strong><\/div>\n<div>Authentication methods:publickey,keyboard-interactive,password<\/div>\n<div>Authentication Publickey Algorithms:x509v3-ssh-rsa,ssh-rsa<\/div>\n<div>Hostkey Algorithms:x509v3-ssh-rsa,ssh-rsa<\/div>\n<div>Encryption Algorithms:aes128-ctr,aes192-ctr,aes256-ctr<\/div>\n<div>MAC Algorithms:hmac-sha1,hmac-sha1-96<\/div>\n<div>Authentication timeout: 120 secs; Authentication retries: 3<\/div>\n<div>Minimum expected Diffie Hellman key size : 1024 bits<\/div>\n<div>IOS Keys in SECSH format(ssh-rsa, base64 encoded): CE1.bb.com<\/div>\n<div>ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC2sle25cmVMxdOs247A7x41eIGBPkZ61ZHr+zCORvh<\/div>\n<div>Bdrx4uFdIL9kk+Iu2swZENJHX4E7EfUKnWSW7rYe4btPKORezOhorAojgdPACcliTlSoaG\/pCGhBZCrC<\/div>\n<div>knlGoRqspnL63oDi8pqGqRNt+MnSfUgaYRm6ecgt+r3H0zmlQw==<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Enable and Configure Secure Shell SSH v2 On Cisco Devices CE1#show ip ssh\u00a0 SSH Disabled &#8211; version 1.99 %Please create RSA keys to enable SSH (and of atleast 768 bits for SSH v2). Authentication methods:publickey,keyboard-interactive,password Authentication Publickey Algorithms:x509v3-ssh-rsa,ssh-rsa Hostkey Algorithms:x509v3-ssh-rsa,ssh-rsa Encryption Algorithms:aes128-ctr,aes192-ctr,aes256-ctr MAC Algorithms:hmac-sha1,hmac-sha1-96 Authentication timeout: 120 secs; Authentication retries: 3 Minimum expected Diffie Hellman [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,10,13,25,2],"tags":[],"class_list":["post-711","post","type-post","status-publish","format-standard","hentry","category-ccie-sec","category-ccie-rns","category-ccie-sp","category-ccie-dc","category-cisco"],"_links":{"self":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts\/711","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=711"}],"version-history":[{"count":1,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts\/711\/revisions"}],"predecessor-version":[{"id":713,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts\/711\/revisions\/713"}],"wp:attachment":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=711"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=711"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=711"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}