Establishing SSH on Cisco Devices?

UsualSuspect7UsualSuspect7 MemberPosts: 76Member ■■■□□□□□□□
Why do we have to use the ip domain-name command to establish SSH on a Cisco device? I'm thinking it already has an IP address why must we use a domain name? what if we don't have a domain name to use?


Thank You,
CISSP, CCENT, CCNA R/S, CCNA Cyber OPs, Security+, CySA+, CSAP+


Comments

  • pujan96pujan96 Posts: 112Member ■■■□□□□□□□
    I believe its required to generate the crypto Key for the device
    [X] CCNA R&S

    [X] CCNP Route 300-101
    [  ] CCNP Switch 300-115
    [  ] CCNP T-Shoot 300-135

    [  ]  NPDESI 300-550

    [  ] CCIE R&S Written
    [  ] CCIE R&S LAB
  • robo78robo78 Posts: 37Member ■■□□□□□□□□
    why must we use a domain name?
    as mentioned, it's a requirement. Before a device can use secure channel, it's need to have some secret material generated from these domain name and also hostname.
    what if we don't have a domain name to use?
    well, you must choose one. Otherwise you can't enable ssh.
    Working on: Linux+
  • CryptoQueCryptoQue PMP, CISSP, CCNP, CCDP, CCNA, CCDA, CCENT, NET+, SEC+, ITILv3 VirginiaPosts: 205Member ■■■□□□□□□□
    The RSA key name consists of a hostname and a domain name. Since SSH depends on RSA key in order to function, a domain name must be established prior to generating a RSA key and enabling SSH. You can make up a simple Cisco IOS domain like "ip domain name passccna.UsualSuspect7.com"
  • UsualSuspect7UsualSuspect7 Member Posts: 76Member ■■■□□□□□□□
    Awesome! Thank You all so much I understood it was needed, but I just was curious as to why exactly. Thank You.
    CISSP, CCENT, CCNA R/S, CCNA Cyber OPs, Security+, CySA+, CSAP+


  • Cisco InfernoCisco Inferno Posts: 1,034Member ■■■■■■□□□□
    CryptoQue wrote: »
    The RSA key name consists of a hostname and a domain name. Since SSH depends on RSA key in order to function, a domain name must be established prior to generating a RSA key and enabling SSH. You can make up a simple Cisco IOS domain like "ip domain name passccna.UsualSuspect7.com"

    Your username is very appropriate for clearing this up. thanks
    2019 Goals
    CompTIA Linux+
    [ ] Bachelor's Degree
  • CryptoQueCryptoQue PMP, CISSP, CCNP, CCDP, CCNA, CCDA, CCENT, NET+, SEC+, ITILv3 VirginiaPosts: 205Member ■■■□□□□□□□
Sign In or Register to comment.