Configuring SSH ON Cisco Devices

Define a hostname and domain name for device for identify device when access it with ssh and Generate a key for encrypting data in SSH Tunnel:

Router(config)#ip domain-name home.local
Router(config)#hostname Router1
Router1(config)#crypto key generate rsa general-keys modulus 1024
The name for the keys will be: Router1.home.local

% The key modulus size is 1024 bits
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

*Nov  6 21:51:12.683: %SSH-5-ENABLED: SSH 1.99 has been enabled

Define a user with privilage 15 on device:

Router1(config)#username amir privilege 15 secret passwd

Report virtual memory statistics:

#vmstat

Activing SSH connection on VTY ports:

Router1(config)#line vty 0 4
Router1(config-line)#login local
Router1(config-line)#transport input ssh

Select SSH version:

Router1(config)#ip ssh version 1
Router1(config)#ip ssh version 2

Define authentication time-out time for connections:

Router1(config)#ip ssh time-out 100

If authentication is not completed 100 seconds after the connection is established, the SSH connection will be disconnected.

Define authentication retries for connections:

Router1(config)#ip ssh authentication-retries 2

In this case user be able to enter own password twice per minutes.