CISCO SSH 설정

conf t#

ip doamin name ssh

ip ssh time-out 10

ip ssh authentication-retries 2

ip ssh port 7777 rotary 1

ip ssh rsa keypair-name ssh

ip ssh version 2

 

line vty 0 4

    transport preffered ssh

    transport input ssh

    transport output all

 

 

비고: RSA Key 생성   

 생성 안 된 경우에는,  ssh 접속 시 에러 발생 함(Connection refused)  

 

 1. show ip ssh 로 체크 시"ssh Disabled"  인 경우 RSA Key 생성이 안 되어 있어서 그렇다.

2. 설정 

router# config term
router(config)#crypto key generate rsa usage-keys label router-key
The name for the keys will be: router-key  ( ssh ) 로 입력
Choose the size of the key modulus in the range of 360 to 2048 for your
Signature Keys. Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024
Choose the size of the key modulus in the range of 360 to 2048 for your
Encryption Keys. Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

router (config)#

3. 접속 테스트 

 

참고 url: https://community.cisco.com/t5/routing/enable-ssh-v2/td-p/1810524