Loading ...If you have recently tried to setup SSH access on a new ASA, it might not have worked the way you wanted. That is because the RSA keys need to be generated first. To do that:
crypto key generate rsa
asa(config)# crypto key generate rsa
INFO: The name for the keys will be:
Keypair generation process begin. Please wait…
INFO: The name for the keys will be:
Keypair generation process begin. Please wait…
And then configure SSH to be allowed from the inside interface:
ssh 0.0.0.0 0.0.0.0 inside
Now you will be able to login using the default username and password of pix/cisco, Or you can configure AAA and setup your own usernames. Doing this will make the pix username no longer work for SSH.
First, a username needs to be created:
username cisco password c1sc0
And then configure AAA:
aaa authentication ssh console LOCAL
Done!
ran into this very issue and I tried to apply your fix. however i still get denied. I get the key but it doesn’t allow me to login. Also I tried to zeroize the key first. Noting. Does it require a reboot.