Configure SSH Access on an ASA

By James on April 6, 2008 Comments
2,251 views
1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 3.5 out of 5)
Loading ... Loading ...
Categories: Cisco Tags: , , ,

If you have recently tried to setup SSH access on a new ASA, it might not have worked the way you wanted. That is because the RSA keys need to be generated first. To do that:

crypto key generate rsa
asa(config)# crypto key generate rsa
INFO: The name for the keys will be:
Keypair generation process begin. Please wait…

And then configure SSH to be allowed from the inside interface:

ssh 0.0.0.0 0.0.0.0 inside

Now you will be able to login using the default username and password of pix/cisco, Or you can configure AAA and setup your own usernames. Doing this will make the pix username no longer work for SSH.

First, a username needs to be created:

username cisco password c1sc0

And then configure AAA:

aaa authentication ssh console LOCAL

Done!

7 Responses to “Configure SSH Access on an ASA”

Feed for this Entry Trackback Address View blog reactions
  1. 1 techallenged Jul 11th, 2008 at 1:52 pm

    ran into this very issue and I tried to apply your fix. however i still get denied. I get the key but it doesn’t allow me to login. Also I tried to zeroize the key first. Noting. Does it require a reboot.

  2. 2 raventech Aug 21st, 2011 at 9:52 am

    I ran into this very issue as well but I had been trying everything I could find in the ASDM admin to get it working first. I think the only difference is that I created my user in ASDM first and made sure they had full management access. Thanks!

  3. 3 Joeann Sep 19th, 2011 at 11:41 pm

    Hi there would you mind letting me know which web host you’re using? I’ve loaded your blog in 3 different browsers and I must say this blog loads a lot quicker then most. Can you suggest a good hosting provider at a reasonable price? Thanks a lot, I appreciate it!

  4. 4 James Sep 20th, 2011 at 6:22 am

    Joeann,

    I am hosting the site on a “cloud” server that I run. That server is hosted by Rackspace out of Chicago. I have serveral servers with them and have been very happy with the service and performance.

    http://www.rackspace.com/cloud/

  5. 5 coupons Apr 12th, 2013 at 2:08 pm

    Hi, for all time i used to check web site posts here early in
    the break of day, since i like to learn more and more.

  6. 6 Ashlee Apr 12th, 2013 at 8:39 pm

    Pretty! This was an incredibly wonderful article. Thanks for
    providing this information.

  7. 7 null May 2nd, 2013 at 1:03 pm

    Hey! I understand this is kind of off-topic but I had to ask.
    Does building a well-established blog like yours require a massive amount work?
    I’m brand new to writing a blog but I do write in my journal daily. I’d like to start a blog so I can share my personal experience and
    feelings online. Please let me know if you have any kind of recommendations or
    tips for brand new aspiring blog owners. Appreciate it!

Leave a Reply

« Unable to download NAT policy for ACE
MSS Exceeded Workaround »