Configuring SSH access
SSH is an encrypted and secure way of remotely managing Cisco Devices. SSH is widely used instead of Telnet since Telnet is an unencrypted plain text-oriented protocol and passes data as plain text which can be easily readable by anyone.
Configuring Auto-MDIX
Configure the IP domain
S1(config)# ip domain-name [domain-name]
Generate RSA key pairs
S1(config)# crypto key generate rsa modulus [key-length]
[NOTE] The minimum RSA key length to be able to use SSH2 is 768 bits; As a recommendation we will set it to 1,024 bits
Add and Secure a User and grant privileges
S1(config-if)# user [username] privilege [rank] secret [password]
Configure Device’s VTY Lines and
S1(config)# line vty 0 15
Set the input transport mode to use SSH only
S1(config-line)# transport input ssh
Require local authentication for SSH connections from the local user database
S1(config-line)# login local
Enable SSH version 2
S1(config-line)# ip ssh version 2
Switchport Duplex and Speed Configuration Example
s1> enable S1# configure terminal S1(config)# interface fa0/1 S1(config-if)# duplex auto S1(config-if)# speed 1000 S1(config-if)# exit S1(config)#
[NOTE] Full-Duplex is always used when devices are operating at 1000Mbps/1Gpbs and/or Fiber-Optic 1000BASE-SX
Removing the existing RSA Key Pair
S1(config)# crypto key zeroize rsa
[NOTE] If the RSA key pair is deleted, the SSH will be automatically disabled.