Support User Manuals

Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

60-63

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 60 Router Device Administration

Optional SSH Settings on Cisco IOS Routers

Optional SSH Settings on Cisco IOS Routers

Secure Shell (SSH) is an application and a protocol that uses encryption to provide secure

communication between a client and server. You can use SSH to connect remotely to a Cisco IOS router

over a VTY line and establish an EXEC session. SSH is the recommended replacement for other

protocols, such as Telnet and rlogin, in environments where security is a concern.

All Cisco IOS routers are required to have SSH configured before they can be added to Security

Manager. This is because Security Manager uses SSH (in addition to SSL) to communicate with them.

The SSH policy provides a way to modify selected default settings and configure selected optional

settings.

Related Topics

• Defining Optional SSH Settings, page 60-63

• Chapter 2, “Preparing Devices for Management”

• Setting Up SSH, page 2-5

Defining Optional SSH Settings

SSH is configured by default with the following settings:

• Both SSH version 1 and SSH version 2 are supported.

• The negotiation phase is terminated if not completed successfully after 120 seconds.

• The router tries 3 times to authenticate SSH clients before disconnecting.

You can use Security Manager to modify these default settings and optionally configure the following

settings:

• The source interface for SSH packets.

• The name of the RSA key pair to use.

• Whether to regenerate the key during the next deployment.

Before You Begin

• Make sure that SSH is enabled on the router. See Chapter 2, “Preparing Devices for Management”.

• Make sure that the VTY lines on the router allow inbound SSH traffic. See Defining VTY Line Setup

Parameters, page 60-38.

• Make sure that a hostname and domain name are configured on the router (unless you plan to use a

different RSA key pair). You can use the CLI or the Hostname policy in Security Manager for this

purpose. See Hostnames and Domain Names on Cisco IOS Routers, page 60-77.

Related Topics

• Optional SSH Settings on Cisco IOS Routers, page 60-63

• Setting Up SSH, page 2-5

Step 1 Do one of the following:

• (Device view) Select Platform > Device Admin > Device Access > Secure Shell from the Policy

selector.

previous next