To configure SSH access, and disable Telnet, follow these steps.

Enable the new AAA model and configure a user account and optional enable password:aaa new-modelusername cisco secret 0 ciscoenable secret 0 cisco



Generate SSH keys and set up time-out and other parameters:ip domain name some-domain.comcrypto key generate rsaip ssh version 2ip ssh time-out 60ip ssh authentication-retries 2

When generating SSH keys, you first need to specify a domain name. You will also be prompted to enter the modulus bit rate. Although 1024 is suggested, it is recommended to set it to 2048 as lower is deprecated.

Optionally, to disable Telent access, explicitly set the transport:line vty 0 4transport inp  ...