You can access the ASA appliance using telnet , ssh and https through ASDM to Cisco ASA Firewall.
To activate ssh access to ASA you need to have at least:
- username and password which will be used in authentication process,
- AAA lists definition that specifies the source of authentication – they can be retrieved fromRadius server, TACACS+ server or LOCAL ASA database
- Crypto key pair defined for encrypted traffic to work
So to enable SSH:
- Define local username and password:
ASA#configure terminal
ASA(config)#username XXXX privilege 15 password YYYY
- Define AAA lists for ssh:
ASA(config)#aaa authentication ssh console LOCAL
- Generate crypto key pair to use with SSH server:
ASA(config)#domain-name aviumssolutions.com ===> (Example)
ASA(config)#crypto key generate rsa general-keys modulus 1024
In addition you can set the allowed sources, and define on which interface ssh will be allowed:
ASA(config)#ssh 0 0 OUTSIDE
NOTE :
OUTSIDE means the outside interface where we are coming from to the ASA appliance.