Cisco Preparative Procedures & Operational User Guide
© 2016 Cisco Systems, Inc. All rights reserved.
4.5.5 Configure SSH Access
The following procedure describes how to enable or disable SSH access to the Firepower chassis. SSH is
enabled by default.
4.5.5.1 Configure SSH via CLI
The following procedure describes how to enable or disable SSH access to the Firepower chassis. SSH is
enabled by default.
1) Enter system mode:
Firepower-chassis # scope system
2) Enter system services mode:
Firepower-chassis /system # scope services
3) To configure SSH access to the Firepower chassis, do one of the following:
• To allow SSH access to the Firepower chassis, enter the following command:
Firepower-chassis /system/services # enable ssh-server
• To disallow SSH access to the Firepower chassis, enter the following command:
Firepower-chassis /system/services # disable ssh-server
4) Display the SSH settings:
Firepower-chassis /system/services # show ssh-sever
5) Set the Approved algorithms only:
Firepower-chassis /system/services # set ssh-server aes128-cbc aes256-cbc
Firepower-chassis /system/services # set ssh-server mac-algorithm hmac-
sha1 hmac-sha2-256 hmac-sha2-512
Firepower-chassis /system/services # set ssh-server kex-algorithm diffie-
hellman-group14-sha1
6) Configure the SSH Rekey limit:
Firepower /system/services # set ssh-server rekey-limit volume [KB] time
[Minutes]
7) Commit the transaction to the system configuration:
Firepower /system/services # commit-buffer
To Next Page
Loading...
Need help?
General
