Packetswitch
Sign up to Packetswitch!
Already have an account? Sign in
Cisco

Cisco Enable SSH and Initial Configurations

Suresh Vina
3 min read
Cisco Enable SSH and Initial Configurations
In: Cisco

This blog post is designed specifically for those who are taking their first steps in configuring a Cisco device and enabling SSH access. If you're a beginner or someone who is new to Cisco, you've come to the right place.

In this blog post, we will walk you through the process of enabling SSH and performing initial configurations on your Cisco switch or router, ensuring a smooth and secure setup.

1. Initial Configurations Dialogue

Once the router is booted, it prompts you to enter the initial configurations dialogue, I selected 'no' as we don't want to go through the steps.  

% Please answer 'yes' or 'no'.
Would you like to enter the initial configuration dialog? [yes/no]: no

2. Hostname and Domain Name

The first step in configuring your Cisco router is to set its hostname. The hostname is a unique name that identifies the router. I've also configured the domain name. 

Router(config)#hostname router-01
router-01(config)#ip domain-name packet.lan

3. RSA Key Pair

To enable secure communications using SSH, you need to generate an RSA key pair. To generate an RSA key pair with a modulus of 2048, use the following command. The key pair is used to encrypt and decrypt SSH communications between the router and the client.

router-01(config)#crypto key generate rsa modulus 2048
The name for the keys will be: router-01.packet.lan

% The key modulus size is 2048 bits
% Generating 2048 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 0 seconds)

4. Username, Password and Enable Secret

Next, create a username and password for accessing the router's configuration. This is an important security measure, as it restricts access to the router's configuration to only authorized users.

In addition to a username and password, you can also set an enable secret to restrict access to the router's privileged EXEC mode. This is a password that is required to access the router's privileged mode, which provides full access to the router's configuration.

router-01(config)#username cisco secret cisco123
router-01(config)#enable secret cisco123

5. Login Local and Transport Input SSH

To enable SSH access to the router, you need to configure the router to use local authentication and set the transport input to SSH.

First, find the VTY line number using the show run command. In our case, the value is line vty 0 4.

The command line vty 0 4 in Cisco IOS refers to a group of virtual terminal lines (0 through 4) used to establish remote console sessions to the router. This is a virtual connection to the router's console that allows for remote access and configuration. The number of lines can vary depending on the model. 

#show run

{.....}
line vty 0 4
 login
 transport input none
{.....}
router-01(config)#line vty 0 4
router-01(config-line)#login local 
router-01(config-line)#transport input ssh

6. IP Address

Finally, you need to assign an IP address to one of the router's interfaces.

router-01(config)#interface GigabitEthernet0/0
router-01(config-if)#no shut
router-01(config-if)#ip address 10.10.50.25 255.255.0.0

7. Save the Configuration

Saving the running-configuration of a Cisco router to the startup-configuration is a crucial step in the configuration process. When you make changes to the router's configuration, those changes are stored in the running configuration, which is stored in volatile memory. This means that if the router loses power or is restarted, any changes made since the last time the startup configuration was saved will be lost. To prevent this from happening, you need to save the running configuration to the startup configuration using the following command:

router-01#copy running-config startup-config
Destination filename [startup-config]? 
Building configuration...
[OK]

This command saves the current running configuration to non-volatile memory, so that it is retained even if the router loses power or is restarted. It is important to remember to save the running configuration to the startup configuration after making any changes to the router's configuration, to ensure that those changes are retained.

Now you should be able to SSH to the device using the IP address and credentials we configured in the previous steps.

Conclusion

In conclusion, configuring a Cisco router for the first time can seem overwhelming, but by following these key steps, you can quickly and easily get your router up and running.

Written by
Suresh Vina

Suresh Vina

Tech enthusiast sharing Networking, Cloud & Automation insights. Join me in a welcoming space to learn & grow with simplicity and practicality.
View all posts
Comments
More from Packetswitch
Table of Contents
Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to Packetswitch.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.