
Enable SSH Access to Existing Router


  • Enable SSH Access to Existing Router


    I am fairly comfortable with enabling SSH access on a router. However, I am not sure if generating the RSA keys or re-generating the RSA keys will disrupt the existing VPN tunnels. I guess my question is: what are the things to consider when generating or re-generating RSA keys on a Cisco router? Thanks.

  • #2
    Re: Enable SSH Access to Existing Router

    Is the existing VPN using digital certificates for authentication? If so, then it would depend on whether you created a keypair for the VPN and a different keypair for SSH access. If only one keypair exists on the router, then generating a new one will overwrite the existing one. If you're not using digital certs for authentication and are using pre-shared keys, then it won't matter. Normally I would zeroize the existing keypair and then create a new one.

    This will affect SSL VPNs as well. What I usually do when creating keypairs is give each one a label and assign that particular keypair to SSH, SSL VPN, or IPsec VPN. That way you are using separate keypairs for your different services.
    Last edited by auglan; 25th October 2012, 11:19.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)
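
The labeled-keypair approach described in the reply above, sketched as Cisco IOS configuration. This is an added example, not part of the original thread; the labels SSH-KEY and VPN-KEY and the trustpoint name VPN-TP are hypothetical, and it assumes the VPN authenticates with certificates through a trustpoint.

```cisco
! Exec mode: before changing anything, list the RSA keypairs already on
! the router and the trustpoints that exist, so you know what the VPN uses.
show crypto key mypubkey rsa
show crypto pki trustpoints

configure terminal
 ! Dedicated keypair for SSH only (label SSH-KEY is hypothetical).
 ! Because it has its own label, generating it does not overwrite
 ! a keypair that a VPN trustpoint depends on.
 crypto key generate rsa label SSH-KEY modulus 2048
 !
 ! Bind the SSH server to that keypair and require SSHv2.
 ip ssh rsa keypair-name SSH-KEY
 ip ssh version 2
 !
 ! A certificate-based VPN keeps its own keypair through its trustpoint
 ! (trustpoint name VPN-TP and label VPN-KEY are hypothetical).
 crypto pki trustpoint VPN-TP
  rsakeypair VPN-KEY
 exit
 !
 ! Only accept SSH on the vty lines.
 line vty 0 4
  transport input ssh
 exit
 !
 ! To retire the SSH keypair later, always name it. Without a label,
 ! "crypto key zeroize rsa" removes every RSA keypair on the router,
 ! including any used for certificate authentication.
 ! crypto key zeroize rsa SSH-KEY
end

! Exec mode: confirm SSH is enabled and check the keypairs again.
show ip ssh
show crypto key mypubkey rsa
```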