amerretz
asked on
Cisco 831 vty ssh login
Hi,
Just trying to setup my vty 0 line to use ssh.
I have dont the following
Router#config terminal
Router(config)#hostname RouterOne
RouterOne(config)#ip domain-name mydomain.com
RouterOne(config)#crypto key generate rsa
The name for the keys will be: RouterOne
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 1024
Generating RSA keys ...
[OK]
RouterOne(config)#ip ssh time-out 60
RouterOne(config)#ip ssh authentication-retries 2
RouterOne(config)#line vty 0 4
RouterOne(config-line)#tra nsport input ssh
RouterOne(config-line)#^Z
RouterOne#
-------------------------- ---------- ---------- -
I have also setup usernames and passwords.
Now the problem I am having is connecting via SSH. I am using a application called SecureCRT and it has an option to connect via SSHv1. I cannot seem to get it to connect?
Just trying to setup my vty 0 line to use ssh.
I have dont the following
Router#config terminal
Router(config)#hostname RouterOne
RouterOne(config)#ip domain-name mydomain.com
RouterOne(config)#crypto key generate rsa
The name for the keys will be: RouterOne
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 1024
Generating RSA keys ...
[OK]
RouterOne(config)#ip ssh time-out 60
RouterOne(config)#ip ssh authentication-retries 2
RouterOne(config)#line vty 0 4
RouterOne(config-line)#tra
RouterOne(config-line)#^Z
RouterOne#
--------------------------
I have also setup usernames and passwords.
Now the problem I am having is connecting via SSH. I am using a application called SecureCRT and it has an option to connect via SSHv1. I cannot seem to get it to connect?
It should work fine with SSHV1. I use Secure CRT without a problem- but check the Secure CRT session configuration and verify that it's using port 22, not port 23. It seems to get confused and tries ssh on port 23 if you don't fix it.
ASKER
When I try to telnet to my hostname it does not work.... I have to telnet to the IP address. Do you think this would have impact on connection? Why do you think I cant telnet or ping my routers hostname?
I have seen in tutorials that the hostname is used as opposed to the ip address and it works.
Thanks
I have seen in tutorials that the hostname is used as opposed to the ip address and it works.
Thanks
ASKER
How do I find out the rsa that the cisco router generated? Do I need to enter this key into the SecureCRT properties?
Can you tell me what settings you are using? Does the hostname use NETBIOS or does a host record need to be created through DNS?
Thanks
Can you tell me what settings you are using? Does the hostname use NETBIOS or does a host record need to be created through DNS?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also make sure that under the ssh authentication methods, that RSA and password are checked.
ASKER
I had a acl blocking vty 0 .......
Thanks for your help, its working now.
Thanks for your help, its working now.
Ahh, that would do it. I assumed that the config you posted was all there was for vty 0.
ASKER
Yeah but I wasnt using CRT through a computer that only had console access. I am trying to harden the security on this router.
I have vty 1 4 disabled. Only allow vty 0 from 1 ip address. It wouldve helped if I was trying this all from that address.....hehehehe sorry
I have vty 1 4 disabled. Only allow vty 0 from 1 ip address. It wouldve helped if I was trying this all from that address.....hehehehe sorry