How to Configure SSH in Cisco Packet Tracer

SSH (Secure Shell) provides secure management of network devices. By using SSH, you establish a secure connection to a network device that you access, and your data is sent in encrypted form.

How to Configure SSH in Cisco Packet Tracer

How to Enable SSH in Cisco Router with Packet Tracer

SSH is a much safer protocol than the Telnet protocol and uses the TCP 22 port by default. The port number may vary.

There are 2 versions of the SSH protocol. These; Version 1 and Version 2.

SSH V1 exploits several patented encryption algorithms and is vulnerable to a well-known vulnerability that could allow an attacker to enter data into the communication flow.

SSH V2, this release has an advanced key exchange algorithm that is not vulnerable to the same abuse and includes more powerful and comprehensive features:

• Encryption such as 3DES and AES.
• Use voice encryption Message Verification Code (MAC) algorithms for integrity checking.
• Support for public-key certificates.

We recommend that you use SSH V2 as far as possible to remotely manage network devices.

To enable SSH in the real scenario, make sure that the file name of your Cisco IOS software is k9 (crypto).

   Step 1

First, run Packet Tracer and then create a network topology as shown in the image below. Add an additional Router to the workspace, because after configuration we will connect the Router to the Router with SSH.

SSH Connection from Router to Router

   Step 2

Open the CLI prompt by clicking on the SYSNETTECH Router and press Enter to skip the initial configuration.

IOS Command Line Interface

   Step 3

To enable SSH on the router, perform the following commands in order.

Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname SYSNETTECH
SYSNETTECH(config)#interface gigabitethernet 0/0
SYSNETTECH(config-if)#ip address
SYSNETTECH(config-if)#no shutdown
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up
SYSNETTECH(config)#ip domain name
SYSNETTECH(config)#crypto key generate rsa
The name for the keys will be:
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
SYSNETTECH(config)#ip ssh version 2
*Mar 1 0:6:12.698: %SSH-5-ENABLED: SSH 1.99 has been enabled
SYSNETTECH(config)#ip ssh time-out 10
SYSNETTECH(config)#ip ssh authentication-retries 3
SYSNETTECH(config)#line vty 0 4
SYSNETTECH(config-line)#login local
SYSNETTECH(config-line)#privilege level 15
SYSNETTECH(config-line)#transport input ssh
SYSNETTECH(config)#username cisco privilege 15 password cisco123
Building configuration...

Enabling SSH on the Router

   Step 4

Configure the IP settings of PC1 as follows.

Configure TCP/IP Settings for PC1

   Step 5

To quickly configure the R1’s interface, double-click on it, click the Config tab in the window that opens, and then configure the Port Status option of the GigabitEthernet0/0 interface to On, then assign the IP address.

Assigning an IP Address to the Router's Interface

   Step 6

To test whether SSH is running, open the PC1 prompt and establish a connection using the command below.

ssh -l cisco


-l : Login means.
cisco : The username to use to connect to the router. : The IP address of the router.

ssh -l cisco

   Step 7

Enter the user name and password you created, and as soon as you press Enter, the connection will be established as in the image below.

Connected from PC to Router with SSH

   Step 8

After executing the show ssh command on PC1 Command Prompt, you can check the version of the SSH protocol that is linked.

Using the show ssh command on the router

   Step 9

In this step, execute the following command to make SSH from router to router.

ssh -l cisco

Router Command Interface

   Step 10

In the same way, enter the user account information you created on the Cisco Router and press Enter.

Using the SSH Command on the Router

   Step 11

As you can see in the image below, a successful SSH connection is made.

Connection to Router Successful

Show Commands

SYSNETTECH#show running-config
Building configuration...

Current configuration : 799 bytes
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
no ip cef
no ipv6 cef
username cisco privilege 15 password 0 cisco123
license udi pid CISCO1941/K9 sn FTX152488GK
ip ssh version 2
ip ssh time-out 10
ip domain-name
spanning-tree mode pvst
interface GigabitEthernet0/0
ip address
duplex auto
speed auto
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
interface Vlan1
no ip address
ip classless
ip flow-export version 9
line con 0
line aux 0
line vty 0 4
login local
transport input ssh
privilege level 15


Connection Version Mode Encryption Hmac State Username
133 1.99 IN aes128-cbc hmac-sha1 Session Started cisco
133 1.99 OUT aes128-cbc hmac-sha1 Session Started cisco
133 1.99 IN aes128-cbc hmac-sha1 Session Started cisco
133 1.99 OUT aes128-cbc hmac-sha1 Session Started cisco
%No SSHv1 server connections running.


SYSNETTECH#show ip ssh
SSH Enabled - version 2.0
Authentication timeout: 10 secs; Authentication retries: 3


With the simulator, you can watch the video below to enable SSH on the router and connect from the PC and also subscribe to our YouTube channel to support us!

   Final Word

In this article, after examining how to enable SSH, we have connected with SSH from PC to Router and Router to Router to verify the connection. In the real scenario, to configure SSH on Routers, make sure the IOS image has k9 (crypto). Thanks for following us!

   Related Articles

Packet Tracer VLAN
Packet Tracer Inter-VLAN
Packet Tracer Static NAT
Packet Tracer Dynamic NAT
Packet Tracer PAT

Add a Comment

Your email address will not be published. Required fields are marked *

You cannot copy content of this page