It’s a well known fact that Telnet connections are insecure because the packets are not encrypted. For this reason Secure Shell (SSH) is a must for today’s networks.
SSH provides a secure channel over an unsecured network in a client–server architecture, connecting an SSH client application with an SSH server. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2. The standard TCP port for SSH is 22
In this <How to>
1.Configure S1
Step 1 : Configure IP Domain
S1(config)# ip domain-name wiznet.pro
Step 2 : Generate RSA keys pairs
S1(config)# crypto key generate rsa
Note : To delete the RSA key pair, use the crypto key zeroize rsa global configuration mode command. After the RSA key pair is deleted, the SSH server is automatically disabled.
Step 3 : Configure User Authentication
S1(config)# user Administrator secret wiznet
Step 4: Configure the VTY line
S1(config)# line vty 0 15 (we can choose which vty line we want to use. For example line vty 0 4)
S1(config-line)# transport input ssh
S1(config-line)# login local (In this example we use the local database but in more advance configurations we can have a AAA Server)
Step 5 : Enable the SSH version 2
S1(config): ip ssh version 2 (For better security)
2.Establish connection between PC and S1
To establish connection we can use PUTTY or another similar software. In our example we will use command promt.
In the command promt enter the command ssh -l Administrator 10.10.10.2 (ssh -l(L not 1) username ip-address of switch) and next type the password (wiznet). Now you are logged in S1 using SSH.
