switch> enable switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. switch(config)#
Before creating the keys, it’s better to set the hostname and domain name first.
You can do this as following:
switch(config)# hostname Switch1 Switch1(config)# ip domain-name linuxsource.nl Switch1(config)#
Then generate the keys to enable SSH for local and remote authenitcation:
switch(config)# crypto key generate rsa The name for the keys will be: Switch1.linuxsource.nl Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes. How many bits in the modulus [512]: 2048 <---- Choose the value you want (the higher the slower :) % Generating 2048 bit RSA keys, keys will be non-exportable...[OK] Switch1(config)#
Then specify the time-outs (in seconds) and authentication retires:
Switch1(config)# ip ssh time-out 30 Switch1(config)# ip ssh authentication-retries 3
Set access to the switch/router only with ssh so telnet isn’t used:
Switch1(config)# line vty 0 4 Switch1(config-line)# transport input ssh Switch1(config-line)#
Save you configuration!
Switch1(config-line)# do wr Building configuration... [OK] Switch1(config-line)#
Done !
