SSH access to ASA

    You can access the Cisco ASA firewall appliance using Telnet, SSH, and HTTPS (through ASDM).

    To activate SSH access to the ASA you need at least:

    • a username and password, which will be used in the authentication process,
    • an AAA list definition that specifies the source of authentication – credentials can be retrieved from a RADIUS server, a TACACS+ server or the LOCAL ASA database,
    • a crypto key pair, which is required for the encrypted traffic to work.

    So to enable SSH:

    • Define local username and password:

    ASA#configure terminal
    ASA(config)#username XXXX privilege 15 password YYYY

    • Define AAA lists for ssh:

    ASA(config)#aaa authentication ssh console LOCAL

    • Generate crypto key pair to use with SSH server:

    ! example domain name
    ASA(config)#domain-name aviumssolutions.com
    ASA(config)#crypto key generate rsa general-keys modulus 1024

    In addition you can set the allowed sources, and define on which interface ssh will be allowed:

     

    ASA(config)#ssh 0 0 OUTSIDE

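    NOTE:

    OUTSIDE is the name of the outside interface, the one through which we connect to the ASA appliance. "0 0" is shorthand for address 0.0.0.0 with mask 0.0.0.0, so this command accepts SSH connections from any source address arriving on that interface.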
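
The following Python audit is an added example, not part of the original page: it parses the command sequence shown above and flags the settings a reviewer would question, namely the 1024-bit RSA modulus and `ssh 0 0 OUTSIDE`, which permits any source address. The 2048-bit floor, the check names, and the 192.0.2.0/24 subnet and INSIDE interface in the tighter variant are assumptions made for the example.

```python
import ipaddress
import re

PROMPT = re.compile(r"^[\w.-]+(?:\([\w-]+\))?#\s*")  # strips e.g. "ASA(config)#"
MIN_RSA_BITS = 2048  # assumption: policy floor chosen for this audit

# The command sequence from this page, and a constructed tighter variant
# (the 192.0.2.0/24 management subnet and INSIDE interface are placeholders).
PAGE_COMMANDS = """\
ASA(config)#username XXXX privilege 15 password YYYY
ASA(config)#aaa authentication ssh console LOCAL
ASA(config)#crypto key generate rsa general-keys modulus 1024
ASA(config)#ssh 0 0 OUTSIDE
"""
TIGHTER_COMMANDS = PAGE_COMMANDS.replace("modulus 1024", "modulus 2048").replace(
    "ssh 0 0 OUTSIDE", "ssh 192.0.2.0 255.255.255.0 INSIDE")

def prefix_len(addr, mask):
    # The ASA CLI accepts "0" as shorthand for 0.0.0.0, as in "ssh 0 0 OUTSIDE".
    addr, mask = (("0.0.0.0" if v == "0" else v) for v in (addr, mask))
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False).prefixlen

def audit(commands):
    """Return (check_id, line) findings for IPv4 management-access commands."""
    findings, ssh_enabled, ssh_aaa = [], False, False
    for raw in commands.splitlines():
        line = PROMPT.sub("", raw.strip())
        if re.match(r"aaa authentication ssh console\s+\S+", line):
            ssh_aaa = True
        m = re.match(r"(ssh|telnet)\s+([\d.]+)\s+([\d.]+)\s+(\S+)$", line)
        if m:
            proto, addr, mask, _ifname = m.groups()
            ssh_enabled |= proto == "ssh"
            if proto == "telnet":
                findings.append(("TELNET_ENABLED", line))  # cleartext protocol
            if prefix_len(addr, mask) == 0:
                findings.append((f"{proto.upper()}_ANY_SOURCE", line))
        m = re.match(r"crypto key generate rsa\b.*\bmodulus\s+(\d+)", line)
        if m and int(m.group(1)) < MIN_RSA_BITS:
            findings.append(("WEAK_RSA_MODULUS", line))
    if ssh_enabled and not ssh_aaa:
        findings.append(("SSH_NO_AAA", "no 'aaa authentication ssh console' line"))
    return findings

if __name__ == "__main__":
    for name, text in (("page", PAGE_COMMANDS), ("tighter", TIGHTER_COMMANDS)):
        print(name, audit(text) or "no findings")
```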
