To enhance security, enable SSH via ASDM for secure access to Cisco ASA. Utilize port 22 for secure SSH connections, replacing Telnet’s vulnerability. Authenticate remote users with public key cryptography. Configure SSH access using these steps on your Cisco ASA device. This post will show you how to enable ssh via ASDM on Cisco ASA Firewall. Please see TFTP Image to Flash: Copying Guide for Cisco ASA, how to Copying TFTP Image to Flash, and how to Associate SSH Public key with Azure Linux VM.
Enable SSH
First, specify the address of all hosts and networks which are allowed to access the ASA via the ASDM
Click on Configuration, then Device Management, and Expand the Management Access
and Click on ASDM/HTTPS/Telnet/SSH.
On the right pane, click on ‘ADD’ to add the SSH parameters such as the IP address, specify the interface the user will be connecting from, and subnet mask as well.
Easily enhance your network security by learning how to enable SSH via ASDM. You can also set up ASDM/HTTPS management access for both inside and outside interfaces.
ASDM/HTTPS inside 192.168.xxx.0 255.255.250.0
SSH inside 192.168.xxx.0 255.255.250.0Step 2: Add the user to the ASA local database
Secondly, Add the user to the ASA local database in which the user will be granted SSH privileges
Navigate to Configuration, and then to Device Management. Click on Users/AAA (User Accounts to add a user with ASDM).
On the right pane of the window, select “User Account”. Click on add to add the parameters you desire, e.g username, and password, and select the right Access Restriction and privilege level. This is an example of a configured user granted will look like
"(cisco 15 Full -- Inherit Group Policy -- -- Inherit Group Policy --)"Enable authentication for the users
Thirdly, enable authentication for the users to administer the Cisco ASA
Navigate to Configuration, and then Device Management. Click on Users/AAA, and then AAA Access (Authentication in order to set up AAA authentication for SSH with ASDM)Now enable required authentication for privilege mode access command and also enable for SSH server group
I hope you found this post on how to enable ssh via ASDM on Cisco ASA firewall helpful. Please feel free to leave a comment below.