Cisco ASA Series Cli Configuration Manual page 999

Chapter 1 Configuring Management Access
Examples
The following example shows how to generate RSA keys and let a host on the inside interface with an
address of 192.168.1.2 access the ASA:
hostname(config)# crypto key generate rsa modulus 1024
hostname(config)# write memory
hostname(config)# aaa authentication ssh console LOCAL
WARNING: local database is empty! Use 'username' command to define local users.
hostname(config)# username exampleuser1 password examplepassword1
hostname(config)# ssh 192.168.1.2 255.255.255.255 inside
hostname(config)# ssh timeout 30
The following example shows how to allow all users on the 192.168.3.0 network to access the ASA on
the inside interface:
hostname(config)# ssh 192.168.3.0 255.255.255.0 inside
Using an SSH Client
In the SSH client on your management host, enter the username and password that you configured in the
"Configuring SSH Access" section on page
ASA console before the following SSH user authentication prompt appears:
hostname(config)#.
The display of the dot does not affect the functionality of SSH. The dot appears at the console when
generating a server key or decrypting a message using private keys during SSH key exchange before user
authentication occurs. These tasks can take up to two minutes or longer. The dot is a progress indicator
that verifies that the ASA is busy and has not hung.
Configuring ASA Access for ASDM, Telnet, or SSH
1-4. When starting an SSH session, a dot (.) displays on the
Cisco ASA Series CLI Configuration Guide
1-5