North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: ssh access to cisco and "unfriendlies"

  • From: Luan M Nguyen
  • Date: Tue Nov 28 15:05:04 2000

Before configuring the SSH server feature, you must configure a hostname and
host domain for your router

hostname sshunfriendlyrouter
ip domain-name

Before configuring the SSH server, you must generate a RSA key-pair for the
router. When you generate an RSA key-pair for the router, you automatically
enable SSH. When you delete the RSA key-pair, you automatically disable the
SSH server.

crypto key generate rsa 1024 (The recommended minimum modulus size is 1024
Then configure the ssh parameters...
ip ssh time-out 60
ip ssh authentication-retries 2
basically, you are done.  From unix machine logon using ssh -l command.  Or
I use TeraTerm Pro with ssh works like a charm.

-----Original Message-----
From: [email protected] [mailto:[email protected]]On Behalf Of
Sutantyo, Danny
Sent: Tuesday, November 28, 2000 12:31 PM
To: 'theo'
Cc: [email protected]
Subject: RE: ssh access to cisco and "unfriendlies"

So How do you configure to run ssh on the router? instead of telnet?


-----Original Message-----
From: theo [mailto:[email protected]]
Sent: Thursday, November 23, 2000 1:41 AM
Cc: [email protected]
Subject: Re: ssh access to cisco and "unfriendlies"

Jim Mercer wrote:

> i've been trying to get ssh access to cisco IOS 12.1.2 working, but no
> matter what i do, the openssh client says "3des not supported by server".

or you need to recompile your ssh distribution so that it supports des as
(3des is the default option). In that way it works.

If you are outside US is very unlikely that you will get a copy of 3des
software by cisco. They seem to be very strict on export policy regarding