Enable SSH from outside

[paultaylor04]

what's the command i can use to enable ssh from anybody on the outside interface?
i know giving access to the entire internet is not a good practice but this is only for lab purposes

 

[dtabera]

you have to use

ssh 0.0.0.0 0.0.0.0 outside

and generate keys for ssh:

ca generate rsa key 768
ca save all

when you connect using ssh, you need a username and password. I have not been able to access using the default user, so maybe you will have to create a user:

aaa authentication ssh console LOCAL
username <user> password <key> privilege <number>

privilege 15 = enable

you can also use a RADIUS or TACACS server this way:

aaa authentication ssh console RADIUS

aaa-server RADIUS protocol radius
aaa-server RADIUS (interface,commonly inside) host <ip> <password> timeout 15

Hope you get it to work.

Diego.

 

[dx1]

You will also need a hostname, which you should already have and a domain name setup on the pix. I would also generate the key size bigger, such as 2048. The username is pix and the password is your telnet password. I have never needed to create a user or use RADIUS/TACACS.

 

[kmg365]

The default user for the pix firewall when using ssh is

pix

Try that for the username and you hopefully will be able to get it.

Jim