How to ssh in packet tracer?

SSH (Secure Shell) is one of the most used protocols in network World. As a secured alternative of Telnet, SSH is always in the life of a network engineer. It helps us to connect our routers, swithces and any other network equipments. Especially because of SSH is more secure, it is always prefered more than Telnet. In this lesson, we will focus on SSH Configuration on Cisco routers with an SSH Config Example. We will learn configuring SSH.

So, what will be our SSH Config steps? In this example, we will go through the below six  steps one by one:

So, let’s start SSH Configuration and see how is the backplane config of our SSH connection on routers.

You can visit Cisco Hands On Course with Packet Tracer

Before configuring SSH, firstly, we will configure IP addresses of router interface and the PC. We will use the below IP addresses:

Router fa0/0 Interface

IP : 10.0.0.1

Subnet : 255.255.255.0

PC

IP : 10.0.0.2

Subnet : 255.255.255.0

Gateway : 10.0.0.1

We need to change the default router name to generate rsa key. Here, the default name is Router, let’s change this name to ABC.

In this step, we will set the domain name. Our domain name will be SSHabc. And after that, we will encrypt the data in it with “crypto key generate rsa” command.

During this configuration we will set the module sizes. So we will use 512 here.

This step is the classical user definion on the router. We will do it with username, password and the priviledge level. Our user is gokhan, password is abc123 and the priviledge mode is 15.

We will use this username and password for SSH connection.

The main configuration step of this Configuring SSH lesson is this step. Here, we will do the SSH configuration in line mode.

Firstly, we will go to line mode and configure SSH for 16 users from 0 to 15. And then we will use “transport input ssh”. This command will allow only SSH access. Telnet accesses will be rejected.

Then, we will set the login as local with “login local” command. With this command, we can use local router users to ssh access.

After that , we will configure the the version of SSH. There are two SSH versions, SSH version 1 and SSH version 2. The second one provide more enhanced security agorithm. Here, we will use SSH version 2. To configure it, we will use “ip ssh version 2” command.

Lastly, we will save our SSH Configuration.

At the last step of Configuring SSH, SSH Config Example, we can try to connect via SSH from PC to the router. To do this, we will open the command line on the PC and connect to the router with the below command. Here our Router interface ip is 10.0.0.1.

Welcome to this tutorial! Here, we’ll have an overview of Secure Shell (SSH) protocol, then see how to configure it on a switch and a router in Packet Tracer.

An overview of SSH

Secure Shell, just like Telnet, enables a user to access a remote device and manage it remotely. However, with SSH, all data transmitted over a network (including usernames  and passwords) is encrypted and secure from eavesdropping.

SSH is a client-server protocol, with a SSH client and a SSH server. The client machine (such as a PC) establishes a connection to  a SSH server running on a remote device (such as a router). Once the connection has been established, a network admin can execute commands on the remote device.

Configuring SSH on a router in Packet Tracer

For this  tutorial, we’ll configure SSH on the router so that you as the admin can access and manage it remotely using an SSH client on the admin PC.

And now on to it:

First build the network topology.

Then do these basic IP configurations on the PC and the router:

Router

PC : IP address 10.0.0.10   Subnet mask 255.0.0.0   Default gateway 10.0.0.1

Now, to set up SSH on the router, you’ll need to:

1. Set Router’s hostname

2. Set domain name

Both the hostname and  domain name will be used in the process of generating encryption keys.

3. Now generate encryption keys for securing the session using the command crypto key generate rsa.

4. Set an enable password .

Note that this password is not for use with SSH;  its only for use in accessing the privileged executive mode of the router after you are able to access its CLI remotely via SSH .

5.Set username and password for local login.

The  password will have to be provided before you can access the CLI of the router when using SSH.

6.Specify the SSH version to use.

7.Now connect to VTY lines of the Router and configure the SSH protocol.

That’s all for configuration. Move on to see if you can access the router remotely from the PC.

8. On the command prompt of the PC, open a SSH session to the remote router by typing the command:  ssh -l  admin 10.0.0.1

admin is the username set in step 5.

9.  Provide the  login password which you set in step 5 and press enter. You’re now probably in the CLI of the router. Provide the enable password (the one you set in step 4) to access the privileged executive mode.

You can proceed and do configurations on the Router.You’re now managing the router remotely from the PC.

That’s it!

At this point, let’s move on and configure SSH  on a switch.

SSH configuration on a Switch

Here, we’ll configure SSH on a multi-layer switch. The commands remain almost the same as for the router; only that in a switch, we’ll use the IP address of its VLAN interface to access it  from the PC.

So then, let’s move on.

Then configure basic IP addressing on the PC and the switch. On the switch, we’ll assign an IP address to a VLAN interface, just as we’ve said.

Give the ADMIN PC  IP address 10.0.0.10 /8

Now, to configure SSH on the multilayer switch, here are the steps.

1.Configure hostname

2. Configure IP domain name

Both the host name and domain name will be used in the process of generating encryption keys.

3. Now generate encryption keys for securing the session.

4.Set an enable password.

Again,  note that enable password is not necessarily used in configuring SSH; it will allow the admin to access the privileged executive mode of the switch once a remote connection to the switch via SSH is established.

5. Set username and password for local login.

6. Specify the SSH version to use.

7. Now connect to the VTY lines of the switch and configure SSH on the lines.

That’s all for SSH configuration on the switch. Move on and try to access the switch remotely from the PC.

So then:

8. On the command prompt of the Admin PC, open a SSH session to the switch using the command ssh -l admin 10.0.0.1

Note that: admin is the username defined in step 5 while 10.0.0.1 is the IP address of the VLAN interface of then switch.

***command prompt***

Note:

This concludes our tutorial on SSH.

All the best!

You may  also like to read:

This Article is about the configuration of SSH on Cisco Switch. You can configure SSH on Cisco devices very easily using these simple steps: Check out the some best Switches with fast network speed.

For the configurations of SSH in packet tracer on Cisco switch, you are required to follow the above steps. Let start and perform these steps one by one. (Learn what is PSSH)

Our first step is to open the packet tracer and need to create a simple lab. For this topology we will use only one switch and a PC.  Simply drag these two items on dashboard. Now we will connect them with straight through connection.

The next step is assign the suitable IP setting to these devices. For keeping it simple and making basic connectivity we will assign just two IP address to these device. We will assign the IP address to PC. For this will open the PC setting and then IP configuration. Here we will assign an IP address to host, in our case we are going to assign it 192.168.1.1 with the default gateway. For default gateway we will assign the IP address 192.168.1.10. We assign the second IP address to our Vlan1 interface on switch. And its IP address will be the gateway of host that is 192.168.1.10. For this we will use the basic commands. Switch> enable

Switch# config t

Switch(config)#interface vlan 1

Switch (config-if)# ip address 192.168.1.10 255.255.255.0

Switch (config -if)#no shut

Once you done with basic IP setting, you can verify the connectivity by pinging the interface vlan1 IP from host.

For SSh configurations you need to configure a host-name and domain-name for your switch you can do this with these simple commands.

Switch # config t

Switch (config)#hostname SW1

SW1 ( config)#ip domain-name w7cloud.com

For SSH access it is required that you must configure the console and enable password on your cisco switch. You can set these two passwords with following commands.

SW1 ( config)#line console 0

SW1(config-line)#password cisco

SW1(config -line)#logging synchronous

SW1(config- line)#login local

SW1 (config- line)#exit

SW1 # enable secret cisco

Your Cisco switch must have RSA keys that for the SSH process. You can generate the RSA keys with following command:

SW1 ( config)# crypto key generate rsa

How many bits in the modulus : 1024

% Generating 1024 bit RSA keys, keys will be non-exportable…

Set the size of key to 1024 bits.

If your Cisco Switch is running an older version of Cisco IOS image, then it is extremely recommended that you upgrade to latest Cisco IOS.

For the configuration of SSH on cisco switch you need the following line vty configurations, and input transport is required to set to SSH. Set the login-to-local, & password to 7.

sw1 ( config)#line vty 0 4

sw1 ( config-line)#transport input ssh

sw1( config -line)#login local

sw1(config- line)#password 7

sw1(config- line ) #exit

If you do not have a username for SSH access you need to create a username. You can do it with this simple command:

Sw1# config t

sw1 (config ) # username w7cloud password cisco

Make sure the password encryption services is enabled on your switch, this service will encrypt your password, & when you do “sh run”, you’ll see only the encrypted password, not clear text password.

SW1# service password-encryption

Once you done with the above configurations you can test all these configuration by creating a SSH connection from Host. You do it the command ssh –l . Open the host command prompt and use the command

C:\>ssh -l  waqas 192.168.1.10

It will ask for password, provide the password that you created with this username in previous steps. Then it asked for console password and then you need to provide the enable password. Now you are in your Cisco switch. You can perform switch configurations from your host.

From the switch, if you use the command ‘sh ip ssh’, it will also confirm that SSH is enabled on this cisco swith.

For better understanding please watch the video and like it.

• Crate a Packet Tracer Topology Lab.
• Basic IP Setting for connectivity.
• Set hostname and domain-name on Switch.
• Set console and enable password for SSH login.
• Generate the RSA Keys.
• Setup the Line VTY configurations.
• Create the username password for SSH access from PC.