Because who cares about the details. “Just Do It”.
“crypto key generate rsa” will have to be a replied to with at least 1024 or better 2048.
Setup SSH
conf t
hostname <HOSTNAME>
ip domain name <Domain.com>
aaa new-mode
username admin privilege 15 secret <SECRET>
enable secret <SECRET>
aaa authentication login default local
line vty 0 15
transport input ssh
interface vlan 1
ip add <192.168.0.10 255.255.255.0>
no shut
ip ssh time-out 60
ip ssh authentication-retries 3
ip ssh version 2
crypto key generate rsa modulus 4096
Create Admin and Enable Password
service password-encryption
username admin privilege 15 secret <PASSWORD>
enable secret <PASSWORD>
Configure DHCP MGMT Port
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
ip address dhcp
negotiation auto
end
For the ASA
conf t
hostname <ASA-Hostname>
crypto key generate rsa modulus 4096
username <admin> password <MrPassword> priv 15
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
aaa authentication serial console LOCAL
ssh version 2
ssh timeout 15
ssh 0.0.0.0 0.0.0.0 inside
ssh 0.0.0.0 0.0.0.0 management
* Source: https://pei.com/set-up-ssh-cisco-asa/
Be First to Comment