How to enable SSH on router Switch on GNS3 | Configuring Secure Shell Cisco

CLI configuration of SSH on Cisco Router/Switch

Secure Shell (SSH) is a protocol like telnet which provides you a secure remote connection to network devices. Telnet communication is in clear text and a hacker can capture your login information and other contents using a packet sniffer. Whereas SSH creates an encrypted communications tunnel between you and the router. There are two types of SSH i.e.
  • SSh version 1
  • SSH version 2

Now a day’s everyone is using version 2 because it is more secure and have better encryption algorithm.
In this GNS3 lab I will show you that how you can configure your router or switch for SSH access, you need a k9(crypto) IOS image for SSH configuration. I have used 3725 IOS you can download it from this link: k9(crypto) Cisco IOS image


Lab Objective/Task:
1.       Configure SSH communication on L3_Switch.


The topology is simple and our task is to configure SSH on L3_switch, we need the following steps on L3_Switch for accomplish this:
Configure the hostname:
Router#Enable
Router#config t
Router#(config)hostname L3_Switch
Telnet does required only the password where as SSH uses both username and password. Therefore we need to create a user for SSH.
L3_Switch#(config) aaa new-model
L3_Switch#(config) username admin secret 5 cisco (“secret” uses the MD5 hash in running config, where 5 Specifies a HIDDEN secret will follow and Cisco is the hidden password)


Configure the DNS domain:
L3_Switch#(config)ip domain name cisco.com
Enable SSH:
L3_Switch#(config) crypto key generate rsa

How many bits in the modulus [512]:
(If you can want to enable 512 bits encryption then press enter otherwise you can type the other values like 1024 etc.)
L3_Switch#(config)#ip ssh version 2
L3_Switch# (config)#line vty 0 4
L3_Switch# transport input SSH
L3_Switch# (config-line)#login local

Testing:
You can test SSH configuration from R2 by accessing L3_switch by SSH with following command:

ssh -l admin 192.168.72.100
Related Topic:

No comments:

Post a Comment

UA-23728446-1