It should have an authentication mechanism that allows remote or local access. With SSH over IPv6 transport, the only supported user authentication mechanism is local stored usernames or passwords. TACACS+, RADIUS and other user authentication mechanisms are not available over IPv6 transports. If you’re in an IPv6 network and want either RADIUS or TACACS+ to authenticate ssh client, you will need to configure RADIUS or TACACS+ over IPv4 transport, then connect to an SSHserver over IPv6 transport. To enable SSH, you must also create an RSA keypair. The following example shows how the keypair was named after the combination of hostname, domain name and previous configurations. The key length is represented by the modulus. Cisco recommends that the minimum key length be 1024 bits, even though the default is 512 bits. You can choose the key modulus size from 360 to 2048 for General Purpose Keys. It may take some time to choose a key modules that is greater than 512.
Securely log in to your router using an SSH client like TeraTerm. Viewing SSH Connections and Configurations. To view SSH connections and configurations, you can use the privilege mode commands “view/ssh” or “view/ip ssh”. The following example shows how to verify the SSHv1 configuration on a Cisco 871 router. A single SSHv1 connection can be displayed with the command “show-ssh”. It is obvious that this router did not support SSHv2, so it defaulted at SSH version 1.99. You will also notice that SSH version 1 defaults at 3DES in the output of “show ssh”. SSHv2 supports AES encryption, which is a stronger and more efficient encryption technology. SSHv2 is not vulnerable to the same security exploits that SSHv1. SSHv2 should be used. Disable a drop back to SSHv1 and it is best practice. Enabling SSHv2 disables SSHv1. This example is only for backward compatibility. You can use the command “debug-ip ssh”, to troubleshoot SSH configurations.
Linux servers are multi-user, multi-tasking machines that can be controlled and managed with terminal services. Secure Shell (or SSH) is the most common way to control a Linux server. SSH uses port 22, and offers encryption services along with terminal services. Telnet, which was used to control and communicate with remote hosts for many years, is still the most popular protocol. Modern hosting situations required a secure version of Telnet, just like FTP. Most likely, your web host will provide access to your SSH server. To communicate with your web host, you will need to install ssh client. To connect to your web host, you will need the IP address and authorization credentials. These details will be accessible from your web host. PuTTY is a popular Open-Source SSH client that you can get for free. This application can be found using any search engine you prefer. Search for putty. Choose the listing to download the SSH client. After downloading, enter the port number and authentication information into the options section of PuTTY and save the configuration.