Configure SSH on Cisco IOS devices

As you probably know, telnet as protocol is highly insecure. Thus, it is recommended to use ssh. Configuring ssh on Cisco IOS devices is considered as must in any environment.

I have created simple topology, which will help us to configure and verify ssh configuration. There are two routers in topology and R1 will be used as ssh enabled device (Slide 1). Please remember, remote management protocol enabled by default is telnet, which sending data in clear text and therefor is considered insecure.

Configure SSH on Cisco IOS devices

Slide 1.

First create hostname on device. This is optional and you can leave name by default.

R1(config)#hostname test_SSH

Then configure AAA with local username and password which will be used in absence of any other authentication method.

test_SSH(config)#aaa new-model
test_SSH(config)#username root password cisco

Now configure DNS domain of the router:

test_SSH(config)#ip domain-name

Next step is to generate ssh key, followed with key size. I have generated 1024 bit size key.

test_SSH(config)#crypto key generate rsa modulus 1024

Last step is to configure ssh to be used for remote login. I configured VTY lines to use only ssh.

test_SSH(config)#line vty 0 15
test_SSH(config-line)#transport input ssh

Verify you configuration by typing following syntax on R2:

R2#ssh -l root

As you can see I`m trying to access (test_SSH router) with user root. On password prompt type cisco as you password. If everything is configured well you will be logged in test_SSH router.

R2#ssh -l root


I hope that this tutorial was informative to you and thank you for visiting this website.

Dejan Dzodan

Dejan Dzodan

IT professional for more then 15 years, mostly in financial institutions but with experience in ISP and retail. Proven in networking and overall infrastructure projects. Cisco instructor.

Leave a Reply

Your email address will not be published. Required fields are marked *

3 + 5 =