Configure SSH on Pix Firewall

# Configure SSH on Pix Firewall ###### tags: `cisco` `pix` `ssh` Prerequest: ping between the client and the pix successful Pix ISO image: pix704.bin Hardware: PIX-525 SSH Tool: PuTTY ``` --------------------------------------------------------------------- [1]. configure the firewall host name: --------------------------------------------------------------------- Router(config)#hostname PIXFW --------------------------------------------------------------------- [2]. configure a domain for the security appliance: --------------------------------------------------------------------- PIXFW(config)#domain-name cisco.com --------------------------------------------------------------------- [3]. generate the firewall¡¦s RSA key pair: --------------------------------------------------------------------- PIXFW(config)#crypto key generate rsa general-keys modulus <number of bit(1024)> --------------------------------------------------------------------- [4]. save the generated RSA key pair: --------------------------------------------------------------------- PIXFW(config)#write memory --------------------------------------------------------------------- [5]. identify a host/network to be used to access the security appliance console using ssh: --------------------------------------------------------------------- PIXFW(config)#ssh <IP Address> <Netmask(255.255.255.255)> inside --------------------------------------------------------------------- [6]. configure password used to perform local authentication: --------------------------------------------------------------------- PIXFW(config)#passwd cisco --------------------------------------------------------------------- [7]. specify ssh session timeout in number of minutes --------------------------------------------------------------------- PIXFW(config)#ssh timeout <seconds> --------------------------------------------------------------------- you may specify version of ssh to be used by using "ssh version" command. you may use the user "pix" (the default), and then enter the password. Because "ca" command syntax has been deprecated. Please use the "crypto key generate" command. ```