Allows you to securely connect to a remote device. Unlike telnet, all packets are encrypted. As a result, SSH is a much more secure method of connecting to a device.
Router#ssh -l <user> <ip address or DNS name>
-c Select encryption algorithm
-l Log in using this user name *Requried
-m Select HMAC algorithm
-o Specify options
-p Connect to this port
-v Specify SSH Protocol Version
Note: There are more options for SSH but they are considered above and beyond the CCNA level.
This example demonstrates how to use SSH on one of the routers. Before enabling SSH, however, there a few requirements that must be completed:
- You must set a domain-name on the Router with the ip domain-name <name> command
- You have to generate an encryption key. This is done with the crypto key generate rsa command
- Under line vty <line number>, you will need to enable SSH with transport input ssh
- Under line vty <line number>, you will also need to enable username authentication with local local
- Finally, you need to create a user account on the router with username <word> password <word>
R1(config)#crypto key generate rsa
R1(config)#ip domain-name howtonetwork.net
How many bits in the modulus :
R1(config)#line vty 0 4
After configuration is complete, we use SSH to connect to R1 via R2.
R2#ssh -l R1 10.1.1.1