Enable SSH V2


This is a quick overview of how to see whether or not you are running ssh version 2 and activate it.



So we are going to start off with showing whether or not we are running SSH:

show ip ssh - shows us the current version and whether or not ssh is enabled or disabled

We can see a few things:

  • SSH is disabled
  • Version 1.5 is running
  • We need to create RSA keys to be able to authenticate with SSH
Lets try to enable ssh by creating rsa keys:

crypto key generate rsa
Before the router will let us generate keys we must have a domain name. This can be your companies domain such as google.com or whatever domain you are using... for this case ill use cisco.com. 

Create domain name :

         ip domain name cisco.com

Then try to do key generate again :
        
        crypto key generate rsa 


After creating the domain and generating keys you should get the following:

It is asking us how many bits we are going to use 2048.




Now we see that SSH 1.5 has been enabled !


R3#sh ip ssh
SSH Enabled - version 1.5
Authentication timeout: 120 secs; Authentication retries: 3
R3#sh run | i ssh
ip ssh version 1

The current version running is version 1. Lets say we want to run version 2. We would enter the following:

!
R3(config)#ip ssh version 2
R3(config)#exit
!
R3#sh ip ssh
SSH Enabled - version 2.0
Authentication timeout: 120 secs; Authentication retries: 3









Comments

Post a Comment

Popular posts from this blog

HULC LED PROCESS - 3750 High CPU

Image
If you're looking at a switch and you see the HULC LED Process running high. The HULC LED process does some of the following tasks: 1. Check link status on every port 2. If the switch supports POE, it checks to see if there is a power device 3. Transceiver checks 4. Fan status updates 5. Set LED ports 6. Check on temperature status Overall the HULC LED Process is a monitoring process running. During looking into this I turned off all non-used ports since it checks the link status. Then I made sure the environment was good. Two Cisco Bugs: http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsi78581 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtn42790
Read more

%PLATFORM_UCAST-4-PREFIX: --------- TCAM 3750 Switch

Image
 %PLATFORM_UCAST-4-PREFIX:  One or more, more specific prefixes could not be programmed into TCAM and are being covered by a less specific prefix, and the packets may be software forwarded So what is TCAM ? Ternary Content Addressable Memory is used in multi-layer switching also know as Layer 3 switching. The switches forward the packets and frames at the speed of the line by using ASIC hardware. Normally switches make there forwarding decisions based on Layer 2. TCAM is used for Layer 3 components and other features such as QOS and ACES ( Access List ).  Check TCAM and usage of templates being used in the device.  show sdm prefer ? ! This will show us the templates that can be used in the device to give more resources to one feature or the other. For example the default is the equal resource distribution while the routing gives more resources to Layer 3 routing. show sdm prefer ! The command without the "?" will show us what we are cu...
Read more