Name: Cisco IOS XR
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

Implementing Secure Shell on Cisco IOS XR Software

How to Implement Secure Shell

SC-155

Cisco IOS XR System Security Configuration Guide

3. exit

4. ssh {ipv4-address | ipv6-address | hostname} [username user-id | cipher des | source-interface

type instance]

DETAILED STEPS

Troubleshooting Tips

• If you are using SSHv1 and your SSH connection is being rejected, you have not successfully

generated an RSA key pair for your router. Make sure that you have specified a hostname and

domain. Then use the crypto key generate rsa command to generate an RSA key pair and enable

the SSH server.

• If you are using SSHv2 and your SSH connection is being rejected, you have not successfully

generated a DSA key pair for your router. Make sure that you have specified a hostname and domain.

Then use the crypto key generate dsa command to generate a DSA key pair and enable the SSH

server.

• When configuring the RSA or DSA key pair, you might encounter the following error messages:

–

No hostname specified

You must configure a hostname for the router using the hostname global configuration

command.

–

No domain specified

Command or Action Purpose

Step 1

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 2

ssh client knownhost

device

filename

Example:

RP/0/RP0/CPU0:router(config)# ssh client

knownhost slot0:/server_pubkey

(Optional) Enables the feature to authenticate and check the

server public key (pubkey) at the client end.

• The complete path of the filename is required. The

colon (:) and slash mark (/) are also required.

Step 3

exit

Example:

RP/0/RP0/CPU0:router(config)# exit

Exits global configuration mode, and returns the router to

EXEC mode.

Step 4

ssh {

ipv4-address

ipv6-address

hostname

}

[username

user-id

| cipher des |

source-interface

type

instance

]

Example:

RP/0/RP0/CPU0:router# ssh remotehost username

user1234

Enables an outbound SSH connection.

• The SSH client tries to make an SSHv2 connection to

the remote peer. If the remote peer supports only the

SSHv1 server, the peer internally spawns an

SSHv1 connection to the remote server.

• The cipher des option can be used only with an

SSHv1 client.

• If the hostname argument is used and the host has both

IPv4 and IPv6 addresses, the IPv6 address is used.

Questions and Answers:

Need help?

Do you have a question about the Cisco IOS XR and is the answer not in the manual?

Cisco IOS XR Specifications

General

Operating System	Cisco IOS XR
Architecture	Microkernel
High Availability	Yes
Type	Network operating system
Developed by	Cisco Systems
License	Proprietary
Programming Language	C, C++
Kernel	QNX
Supported Platforms	Cisco ASR9000, NCS series
Security Features	Role-Based Access Control (RBAC), Secure Boot, Encryption
Management Interface	CLI, SNMP, NETCONF, RESTCONF
Release Date	2004
Target Devices	High-end core routers, service provider edge routers, data center interconnect (DCI) routers
Supported Hardware	Cisco routers and switches
Networking Protocols	BGP, OSPF, IS-IS, MPLS
Virtualization Support	Virtualization-ready, supports network function virtualization (NFV) and containerization technologies.