This blog was originally started to better help me understand the technologies in the CCIE R&S blueprint; after completing the R&S track I have decided to transition the blog into a technology blog.

CCIE #29033

This blog will continue to include questions, troubleshooting scenarios, and references to existing and new technologies but will grow to include a variety of different platforms and technologies. Currently I have created over 185 questions/answers in regards to the CCIE R&S track!! Note: answers are in the comment field or within "Read More" section.

You can also follow me on twitter @FE80CC1E


Saturday, May 15, 2010

Question 92

What is required to use ssh? Configure ssh version 2 on your vty lines.

1 comments:

Packets Analyzed said...

Prerequisites - Hostname, domain name configured, generate crypto keys, configure user authentication for local or remote access

-You must have the hostname and domain name configured before you creating the crypto key. If you have not configured the domain name you will receive the following

R2(config)#crypto key generate rsa general-keys modulus 1024
% Please define a domain-name first.

R2(config)#ip domain-name packetsanalyzed.blogspot.com
R2(config)#crypto key generate rsa general-keys modulus 1024
The name for the keys will be: R2.packetsanalyzed.blogspot.com

% The key modulus size is 1024 bits
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

R2(config)#
*Mar 3 18:09:08.207: %SSH-5-ENABLED: SSH 1.99 has been enabled

Here is the complete configuration

R2
__

ip hostname R2
ip domain name packetsanalyzed.blogspot.com
username packetsanalyzed password 0 cisco


ip ssh time-out 60
ip ssh logging events
ip ssh version 2

line vty 0 4
login local
transport input ssh



Test this by connecting from another router. I will be using R1.

R1#ssh -l packetsanalyzed 10.0.1.2

Password:cisco

R2> [Successfully connected to R2]


Output on R2 since we enable logging events

*Mar 3 18:20:47.691: %SSH-5-SSH2_SESSION: SSH2 Session request from 10.0.1.1 (tty = 0) using crypto cipher 'aes128-cbc', hmac 'hmac-sha1' Succeeded
*Mar 3 18:20:50.631: %SSH-5-SSH2_USERAUTH: User 'packetsanalyzed' authentication for SSH2 Session from 10.0.1.1 (tty = 0) using crypto cipher 'aes128-cbc', hmac 'hmac-sha1' Succeeded
*Mar 3 18:22:03.655: %SSH-5-SSH2_CLOSE: SSH2 Session from 10.0.1.1 (tty = 0) for user 'packetsanalyzed' using crypto cipher 'aes128-cbc', hmac 'hmac-sha1' closed

Post a Comment