SSH Overview
Secure Shell, or SSH, is a cryptographic (encrypted) network protocol for initiating text-based shell
sessions on remote machines in a secure way. This allows a user to run commands on a
machine's command prompt without being physically present near the machine. It also
allows a user to establish a secure channel over an insecure network in a client-server architecture, connecting an
SSH client application with an SSH server. Common applications include remote command-line login and remote
command execution, but any network service can be secured with SSH. The protocol specification distinguishes
between two major versions, referred to as SSH-1 and SSH-2.
The most visible application of the protocol is for access to shell accounts on Unix-like operating systems, but it
can also be used in a similar fashion on Windows.
SSH was designed as a replacement for Telnet and other insecure remote shell protocols such as the Berkeley rsh and
exec protocols, which send information, notably passwords, in plain text, rendering them susceptible to interception and disclosure
using packet analysis. The encryption used by SSH is intended to provide confidentiality and integrity of
data over an unsecured network, such as the Internet, although files leaked by Edward Snowden indicate that the National
Security Agency can sometimes decrypt SSH.
Characteristics
Runs on port 22
Very secure protocol
Only major protocol to access
Difficult to decrypt
All popular operating systems
Configuration
Configuration on S1
Switch>enable
Switch#configure terminal
Switch(config)#hostname S1
S1(config)#interface vlan 1
S1(config-if)#ip address 192.168.1.2 255.255.255.0
S1(config-if)#no shutdown
S1(config-if)#exit
S1(config)#username ccna secret cisco
S1(config)#enable secret class
S1(config)#line vty 0 4
S1(config-line)#login local
S1(config-line)#transport input ssh
S1(config-line)#exit
S1(config)#ip default-gateway 192.168.1.1
S1(config)#ip domain-name cisco
S1(config)#crypto key generate rsa
How many bits in the modulus [512]: 1024
S1(config)#ip ssh version 2
Configuration on R1
Router>enable
Router#configure terminal
Router(config)#hostname R1
R1(config)#username ccna secret cisco
R1(config)#enable secret class
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface fastEthernet 0/1
R1(config-if)#ip address 192.168.2.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#line vty 0 4
R1(config-line)#login local
R1(config-line)#transport input ssh
R1(config-line)#exit
R1(config)#ip domain-name cisco.com
R1(config)#crypto key generate rsa
How many bits in the modulus [512]: 1024
R1(config)#ip ssh version 2
Verify Connection
To verify whether the SSH connection succeeds or fails, go to the Desktop tab on PC1, click Command Prompt, and
type the commands below:
To ssh to R1
ssh -l ccna 192.168.1.1
or
ssh -l ccna 192.168.2.1
To ssh to S1
ssh -l ccna 192.168.1.2