Before configuring SSH, the switch our router needs to have the following:
- The switch or router will need a hostname
- The switch or router will need a domain name
- The switch or router will need an RSA key
- The switch or router will need a user account
Follow these directions to configure a Cisco switch or router to allow SSH connections using IOS.
- In IOS, type enable and press enter
- Type configure terminal and press enter
- Type line vty 0 4 and press enter
- Type transport input ssh and press enter
Note: Telnet could also be enabled, but this is typically avoided, because Telnet is cleartext (example: transport input telnet)
- Type login local and press enter
- Type exit and press enter
To test the SSH connection, using another Cisco router or switch, issue the following command to make the connection to the switch or router that has been configured to accept SSH connections. Replace username and IP address with the username and IP address of the remote router or switch.
ssh -l username 192.168.0.1
The reload command can be used to return the switch to the configuration it had before any changes were made.
To ensure these changes remain saved if the switch is restarted, save the changes to the startup-config. Type copy running-config startup-config and press enter. This saves to NVRAM. To ensure the startup-config contains the new config, use the show startup-config command. It is also possible to save the changes to flash using the copy startup-config flash command. Then use the show flash command, and the startup-config file should be listed.
Did you find this article helpful?
If so, consider buying me a coffee over at