Command
SSH
Use
Allows you to securely connect to a remote device. Unlike telnet, all packets are encrypted. As a result, SSH is a much more secure method of connecting to a device.
Syntax
Router#ssh -l <user> <ip address or DNS name>
Optional Switches
-c Select encryption algorithm
-l Log in using this user name *Required
-m Select HMAC algorithm
-o Specify options
-p Connect to this port
-v Specify SSH Protocol Version
Note: There are more options for SSH but they are considered above and beyond the CCNA level.
Example
This example demonstrates how to use SSH on one of the routers. Before enabling SSH, however, there are a few requirements that must be completed:
- You must set a domain-name on the Router with the ip domain-name <name> command
- You have to generate an encryption key. This is done with the crypto key generate rsa command
- Under line vty <line number>, you will need to enable SSH with transport input ssh
- Under line vty <line number>, you will also need to enable username authentication with login local
- Finally, you need to create a user account on the router with username <word> password <word>
R1(config)#ip domain-name howtonetwork.net
R1(config)#crypto key generate rsa
How many bits in the modulus [512]:
R1(config)#
R1(config)#line vty 0 4
After configuration is complete, we use SSH to connect to R1 via R2.
R2#ssh -l R1 10.1.1.1
Password: *****
R1>
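The prerequisites listed in the example above can be checked offline against a saved copy of a router's configuration. The following Python audit is an added example, not part of the original page: it checks a constructed running-config excerpt for the domain name, a local user account and the two vty settings. The function names and the sample configuration are assumptions, and the RSA key pair is not checked because it does not appear in the running configuration.

```python
import re

# Constructed running-config excerpt; vty 5-15 is deliberately left weaker.
SAMPLE_CONFIG = """\
hostname R1
ip domain-name howtonetwork.net
username admin password 0 example-only
line con 0
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login
 transport input telnet ssh
"""

def vty_blocks(config):
    """Return {"line vty 0 4": [sub-commands]} for every vty block."""
    blocks, current = {}, None
    for line in config.splitlines():
        if not line.startswith(" "):          # top-level command ends any block
            current = None
            if line.startswith("line vty"):
                current = blocks.setdefault(line.strip(), [])
        elif current is not None:
            current.append(line.strip())
    return blocks

def audit_ssh_prereqs(config):
    """Return a list of findings; an empty list means all checks passed."""
    findings = []
    # Newer IOS releases write the command as "ip domain name".
    if not re.search(r"^ip domain[- ]name \S+", config, re.M):
        findings.append("no ip domain-name configured")
    if not re.search(r"^username \S+ .*\b(password|secret)\b", config, re.M):
        findings.append("no local user account")
    blocks = vty_blocks(config)
    if not blocks:
        findings.append("no line vty block found")
    for name, cmds in blocks.items():
        if "transport input ssh" not in cmds:  # telnet still allowed, or unset
            findings.append(f"{name}: transport input is not ssh-only")
        if "login local" not in cmds:
            findings.append(f"{name}: login local missing")
    return findings

if __name__ == "__main__":
    for finding in audit_ssh_prereqs(SAMPLE_CONFIG):
        print(finding)
```

Only vty 0 4 is configured in the page's example, so a router with additional vty lines can still accept telnet on the remaining ones; the audit reports each vty block separately for that reason.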