To enhance security, enable SSH via ASDM for secure access to Cisco ASA. Utilize port 22 for secure SSH connections, replacing Telnet’s vulnerability. Authenticate remote users with public key cryptography. Configure SSH access using these steps on your Cisco ASA device.
First, specify the address of all hosts and networks which are allowed to access the ASA via the ASDM
step 1:
click on configuration
—-Device management
——Expand the Management Access
and Click on ASDM/HTTPS/Telnet/SSH
On the right pane, click on ‘ADD’ to add the SSH parameters such as the IP address, specify the interface the user will be connecting from, and subnet mask as well.
Easily enhance your network security by learning how to enable SSH via ASDM. You can also set up ASDM/HTTPS management access for both inside and outside interfaces.
ASDM/HTTPS inside 192.168.xxx.0 255.255.250.0
SSH inside 192.168.xxx.0 255.255.250.0
Secondly, Add the user to the ASA local database in which in which the user will be granted SSH priviledges
step 2:
Navigate to Configuration
– Device Management
– Users/AAA
– User Accounts in order to add a user with ASDM.
on the right pane of the window, select “User Account”
– Click on add to add the parameters you desire, e.g username, password,
and select the right Access Restriction and privilege level.
This is an example of a configured user granted will look like
“(cisco 15 Full — Inherit Group Policy — — Inherit Group Policy –)”
Thirdly, enable authentication for the users to administer the Cisco ASA
Steps 3:
Navigate to Configuration
– Device Management
– Users/AAA
– AAA Access
– Authentication in order to set up AAA authentication for SSH with ASDM.
Now enable require autthentication for privilege mode access command and also enable for SSH server group