Iqbal

Setup SSH on Cisco Switch

Iqbal -

Sometimes, basic configuration are tend to forgot. This post to keep a record of basic configuration for setting up SSH on IOS router/switch. 

aaa new-model
ip domain-name [your_domain_name]
enable secret [your_secret_word]
username [your_username] secret [your_secret_word]
ip ssh rsa keypair-name [any_keypair_name]
crypto key generate rsa usage-keys label [any_keypair_name] modulus 1024
ip ssh version 2
line vty 0 4
 transport input ssh
Cisco IOS CLI

For older IOS software images, we might also need to add the KexAlgorithms (Key Exchange Algorithms) into your config  (~/.ssh/config) file. Create ssh config file if we dont have it yet.

cd ~/.ssh/
nano config
Ubuntu client

Add the following lines for ssh configuration depending on your platform.

Host [ip_address_R1]
KexAlgorithms +diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
Host [ip_address_R2]
KexAlgorithms +diffie-hellman-group1-sha1,diffie-hellman-group14-sha1

Troubleshooting and verify config.

show ssh
show ip ssh
debug ip ssh
Cisco IOS CLI

Thanks!