Enable SSH on IOS AP.


To enable SSH on an AP you should use the command :

Auto1242(config)#crypto key generate rsa general-keys
The name for the keys will be: Auto1242.cable.quicknet.nl
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable…[OK]

1024 bits is the recommended value.

Now we’re going to use Putty to SSH to the AP.
If it’s setup correctly we’ll see :
ssh_putty

After we click on yes we’ll see the prompt :

login as: cisco
cisco@192.168.1.105’s password:

Auto1242>en
Password:
Auto1242#

To verify the SSH configuration use the command :
Auto1242#sh ip ssh
SSH Enabled – version 1.99
Authentication timeout: 120 secs; Authentication retries: 3
Auto1242#show ssh
Connection Version Mode Encryption Hmac State Username
1 2.0 IN aes256-cbc hmac-sha1 Session started cisco
1 2.0 OUT aes256-cbc hmac-sha1 Session started cisco
%No SSHv1 server connections running.

To disable SSH on the AP you must use the command :
Auto1242(config)#crypto key zeroize rsa
% All RSA keys will be removed.
% All router certs issued using these keys will also be removed.
Do you really want to remove these keys? [yes/no]: yes

And now you’re unable to SSH to the AP.

Tags: , , ,

About Joost van der Made

Me

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: