# Setup SSH in Cisco

 SSH, also known as Secure Socket Shell, is a network protocol that provides administrators with a secure way to access a remote computer.

To have a secure connection to Cisco devices, we don't use Telnet. Because Telnet sends the password in plain Text. If you use kind of sniffer tools such as Wireshark, you can see exact password is passing to the device. So, for having secure connection all system administrators use SSH.

There are 5 steps for creating SSH connection, which are namely:

1. Create a hostname
2. Create a domain name
3. Generate RSA key
4. Create a local account
5. Allow SSH in vty line

```
SW1# conf t
SW1(config)# hostname SW1
SW1(config)# ip domain name HRT
SW1(config)# crypto gen key rsa
SW1(config)# ip ssh version 2
SW1(config)# username mona password/secret cisco
SW1(config)# line vty 0 5
SW1(config-line)# transport input telnet/ssh/all
SW1(config-line)# login local
```

In line 4, length of RSA key depends on the device.  Some devices support more than **1024** or **2048**.

In line 6, you can use *password* or *secret*, as I told you in previous section, *secret* encrypts your password in running-config, but *password* is shown in clear text.

In line 8, you can select telnet, ssh or both of them to allow in vty line. In other words, if you select *all*, ssh users and telnet users can connect through vty line