Backtrack:  
 
by lunarg on July 30th 2024, at 12:05

To configure SSH access, and disable Telnet, follow these steps.

  1. Enable the new AAA model and configure a user account and optional enable password:
    aaa new-model
    username cisco secret 0 cisco
    enable secret 0 cisco
  2. Generate SSH keys and set up time-out and other parameters:
    ip domain name some-domain.com
    crypto key generate rsa
    ip ssh version 2
    ip ssh time-out 60
    ip ssh authentication-retries 2
    When generating SSH keys, you first need to specify a domain name. You will also be prompted to enter the modulus bit rate. Although 1024 is suggested, it is recommended to set it to 2048 as lower is deprecated.
  3. Optionally, to disable Telent access, explicitly set the transport:
    line vty 0 4
    transport input ssh