Sample configuration, setting up SSL to connect to a switch
This configuration applies when you get a new router, and want to create SSH connectivity, so that you don’t need to connect via the console cable.
Step 1. Create a management VLAN and assign it an ip address, so you can connect via IP
vlan 10
exit
int vlan 10
ip address 192.168.1.1 255.255.255.0
no shut
exit
int fa0/1
switchport mode access
switchport access vlan 10
You should now be able to ping from the PC to the switch.
Step 2. Configure hostname, domain name, local user, enable password and password encryption
hostname router1
ip domain-name test.com
username steve privilege 15 password happy
enable password veryhappy
service password-encryption
Step 3. Generate crypto keys.
crypto key generate rsa
You are prompted for modulus size. 1024 bits is probably ok.
Step 4. Line vty set up:
# line vty 0 4
(config-line)# transport input ssh
(config-line)# login local
(config-line)# exit
Step 5. Do the same for the console
# line console 0
(config-line)# logging synchronous
(config-line)# login local
Step 6. Connect using the command line on the virtual PC (Command is non standard, in real life you would use PuTTY or similar)
ssh -l steve 192.168.1.1
IT Support Blog 