Accessing Cisco ASA using SSH

So, I purchased a Cisco ASA 5505 to build a VPN Tunnel from a remote office to my main office. Really simple to do, when you are using Easy VPN . Anyway, I wanted to turn on SSH. So, I enabled SSH on the ASA, and tried to access it:

[apaxson@netutil ~]$ ssh -l username
ssh_exchange_identification: Connection closed by remote host


Hmmmm….. let’s do a debug, and see what happens:

asa# debug ssh 

Device ssh opened successfully. 
SSH0: SSH client: IP = '' interface # = 1 
SSH: unable to retrieve default host public key. 
Please create a defauth RSA key pair before using SSH 
SSH0: Session disconnected by SSH server - error 0x00 "Internal error" 


Ahhhh….. we have to create a default RSA key pair. Let’s do that.

asa(config)# ca generate rsa key 1024 
WARNING: the 'ca' command syntax has been deprecated 
Please use the 'crypto key generate' command.


Okaaaay…… looks like we have to change our ways again.

asa(config)# crypto key generate rsa 
INFO: The name for the keys will be: <Default-RSA-Key> 

Keypair generation process begin. Please wait... 



Okay, so far so good. Let’s try to connect again:

[apaxson@netutil ~]$ ssh -l username 
RSA key fingerprint is 9b:99:12:45:6f:7a:bb:37:f4:25:19:1d:d9:0d:62:24. 

Are you sure you want to continue connecting (yes/no)? yes 

Warning: Permanently added '' (RSA) to the list of known hosts.



Share This Page : Share on TwitterShare on FacebookShare on GooglePlusShare on PinterestShare on Linkedin