From: Salau, Yemi (yemi.salau@siemens.com)
Date: Wed Jul 18 2007 - 10:38:12 ART
It is not totally accurate to say you need to setup ssh server for the
client to work on Cisco Routers, you only need to generate rsa crypto
keys in other to enable ssh server on a router, you don't need to
generate the keys for ssh client as ssh client works by default. The
essence of the ssh client is so that Routers can connect to any ssh
server out there, be it those setup on Cisco or putty or unix/linux or
something else.
Below, I configured ssh server on R1 which connects to R2 via FR. Then I
just used ssh -l [username] [ip-addr] on R2 to connect to R1. Did this
without setting up ssh server on R2 ....
----------------------CONFIGURE on R1-------------------------------
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip domain-name test.com
R1(config)#crypto key generate rsa general modulus 512
The name for the keys will be: R1.test.com
% The key modulus size is 512 bits
% Generating 512 bit RSA keys ...[OK]
%SSH-5-ENABLED: SSH 1.99 has been enabled
Accessed by Yemi.Salau from 10.10.10.10 at 14:12:55 July 18,2007
R1(config)#do show run | b line vty
!
line vty 0 4
login local
transport input ssh
!
R1(config)#do show run | I username
username ccie password 0 cisco
--------------TEST ON R2-----------------------------------------
R2#ssh -l ccie 155.1.146.4
Password: cisco
R2>show ssh
Connection Version Encryption State Username
0 1.5 3DES Session started ccie
%No SSHv2 server connections running.
Many Thanks
Yemi Salau
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
koti sampalli
Sent: Wednesday, July 18, 2007 9:57 AM
To: ccielab@groupstudy.com
Subject: SSH client and Server function
Hi Group,
I've enabled ssh server on R1, and I can connect to R1 using ssh -l
<username> ip from other routers on the network.
SSH client functionality is available only when the SSH server is
enabled
If Why would I need ssh client on routers ? any ideas
The doc cd says:-
SSH Integrated Client
===============
The SSH Integrated Client feature is an application running over the SSH
protocol to provide device authentication and encryption. The SSH client
enables a Cisco router to make a secure, encrypted connection to another
Cisco router or to any other device running the SSH server. This
connection
provides functionality that is similar to that of an outbound Telnet
connection except that the connection is encrypted. With authentication
and
encryption, the SSH client allows for a secure communication over an
insecure network.
The SSH client in the Cisco IOS software works with publicly and
commercially available SSH servers. The SSH client supports the ciphers
of
Data Encryption Standard (DES), Triple DES (3DES), and password
authentication. User authentication is performed like that in the Telnet
session to the router. The user authentication mechanisms supported for
SSH
are RADIUS, TACACS+ and the use of locally stored user names and
passwords.
Thanks,
k
This archive was generated by hypermail 2.1.4 : Sat Aug 18 2007 - 08:17:41 ART