Asr 5000 System Administration Guide, Staros Release 21.1 - Cisco ASR 5000 Administration Manual

Getting Started
Important
Important
Step 1 Enter the context configuration mode by entering the following command:
host_name
[local]
host_name
[local]
Step 2 Configure the system to allow Telnet access, if desired:
host_name
[local]
Important For maximum system security, do not enable telnet. In release 20.0 and higher Trusted StarOS builds, telnet
is not supported.
Step 3 Configure the system to allow SSH access:
host_name
[local]
v2-rsa is the recommended key
Important
type.
In StarOS 19.2 and higher, the v1-rsa keyword has been removed from and the v2-dsa keyword has been
Important
concealed within the Context Configuration mode ssh generate CLI command. A keyword that was
supported in a previous release may be concealed in subsequent releases. StarOS continues to parse concealed
keywords in existing scripts and configuration files created in a previous release. But the concealed keyword
no longer appears in the command syntax for use in new scripts or configuration files. Entering a question
mark (?) will not display a concealed keyword as part of the Help text. A removed keyword generates an
error message when parsed.
[local]host_name(config-ctx)#
Step 4 Configure the system to support SFTP:
host_name
[local]
host_name
[local]
host_name
[local]
For additional information about SSH, see
Step 5 Configure the system to allow FTP access, if desired, by entering the following command:
host_name
[local]
For maximum system security, do not enable FTP. In release 20.0 and higher Trusted StarOS builds, FTP is not supported.
Step 6 Exit the configuration mode by entering the following command:
host_name
[local]
host_name
[local]
Step 7 Verify the configuration by entering the following command:
host_name
[local]
If there are two simultaneous telnet sessions, and one administrator deletes the context into which the
other administrator is logged, the administrator in the deleted context will not be automatically kicked
into the local context. Although the deleted context will still appear in the CLI prompt, context specific
commands will generate errors.
For maximum security, use SSH v2.
context local
(config)#
(config-ctx)#
server telnetd
(config-ctx)#
ssh generate key [ type { v1-rsa | v2-rsa | v2-dsa } ]
(config-ctx)#
ssh generate key type v2-rsa
server sshd
(config-ctx)#
subsystem sftp
(config-sshd)#
exit
(config-sshd)#
Configuring SSH Options, on page
server ftpd
(config-ctx)#
end
(config-ctx)#
#
show configuration
#
Configuring the System for Remote Access
27.

ASR 5000 System Administration Guide, StarOS Release 21.1

25