Establishing SSH on Cisco Devices?

UsualSuspect7 · June 2017

Why do we have to use the ip domain-name command to establish SSH on a Cisco device? I'm thinking it already has an IP address why must we use a domain name? what if we don't have a domain name to use?

Thank You,

pujan96 · June 2017

I believe its required to generate the crypto Key for the device

robo78 · June 2017

UsualSuspect7 wrote: »

why must we use a domain name?

as mentioned, it's a requirement. Before a device can use secure channel, it's need to have some secret material generated from these domain name and also hostname.

UsualSuspect7 wrote: »

what if we don't have a domain name to use?

well, you must choose one. Otherwise you can't enable ssh.

CryptoQue · June 2017

The RSA key name consists of a hostname and a domain name. Since SSH depends on RSA key in order to function, a domain name must be established prior to generating a RSA key and enabling SSH. You can make up a simple Cisco IOS domain like "ip domain name passccna.UsualSuspect7.com"

UsualSuspect7 · June 2017

Awesome! Thank You all so much I understood it was needed, but I just was curious as to why exactly. Thank You.

Cisco Inferno · June 2017

CryptoQue wrote: »

The RSA key name consists of a hostname and a domain name. Since SSH depends on RSA key in order to function, a domain name must be established prior to generating a RSA key and enabling SSH. You can make up a simple Cisco IOS domain like "ip domain name passccna.UsualSuspect7.com"

Your username is very appropriate for clearing this up. thanks

CryptoQue · June 2017

Thanks Cisco Inferno!

Establishing SSH on Cisco Devices?

Comments