How to disable SSH in Cisco Devices?
Posted by: Yasir Irfan
How to disable SSH in Cisco devices, SSH, Cisco Router, Cisco Switch, crypto key zeroize rsa, enable SSH, Disable SSH, Cisco-remote-access, remote access, Routing and Switching, ssh disable, ssh enable, ssh reconfigure, Cisco Tips, Cisco Networking, Router Configuration, Switch Configuration, disable SSH in Cisco routers, disable SSH in Cisco Switches, Network Technologies and Trends, Cisco Commands
We all know the importance of SSH, and it is one of most used method for remote access of Cisco Devices either it might be a Cisco Router or a Cisco Switch. Most of the Network Engineers I come across say it is so complicated to either enable or disable the SSH in Cisco Devices.
If you simply try to use “no commands” used to enable SSH it will not work. Here is the tip to disable the SSH in either Cisco Router or Cisco Switches.
Commands used to enable SSH in a Cisco Device
ITKE-AS1(config)#ip domain-name itke.com
ITKE-AS1(config)#crypto key generate rsa general-keys modulus 512
The name for the keys will be: ITKE-AS1.itke.com
% The key modulus size is 512 bits
% Generating 512 bit RSA keys, keys will be non-exportable…[OK]
ITKE-AS1(config)#
ITKE-AS1(config)#aaa new-model
ITKE-AS1(config)#aaa authentication login default local
ITKE-AS1(config)#aaa authentication exec default local
Commands used to disable SSH in a Cisco Device
Do notice if you use the command “no crypto key generate rsa” it will not work rather the device will suggest you to use the ‘crypto key zeroize rsa’ command, amazing isn’t it
ITKE-AS1(config)#no crypto key generate rsa
% Use ‘crypto key zeroize rsa’ to delete signature keys.
ITKE-AS1(config)#crypto key zeroize rsa
% All RSA keys will be removed.
% All router certs issued using these keys will
will also be removed.
Do you really want to remove these keys? [yes/no]: yes
ITKE-AS1(config)#
0 Comments
RSS Feed
Email a friend
