how to enable SSH on Cisco IOS routers

By donmc, 19 June, 2009

It's worth enabling SSH in nearly every case for normal day to day remote access. This is mainly due to the inherently insecure nature of its little brother - TELNET, which is completely un-encrypted and therefore sniffable on any network.

Here's how:


R2(config)#ip domain name cisco.com
R2(config)#crypto key generate rsa
The name for the keys will be: R2.cisco.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]:
% Generating 512 bit RSA keys, keys will be non-exportable...[OK]
R2(config)#
*Mar 1 0:23:32.347: %SSH-5-ENABLED: SSH 1 has been enabled
R2(config)#
R2(config)#line vty 0 15
R2(config-line)#transport input ssh
R2(config-line)#exit
R2(config)#exit
R2(config)#