Configuring SSH on Cisco Router

SSH Configuration:

RX1(config)#int f0/0
RX1(config-if)#ip address 10.1.1.1 255.0.0.0
RX1(config-if)#no shut
RX1(config-if)#exit
RX1(config)#ip domain-name networkexpert.co.in
RX1(config)#crypto key generate rsa general-keys modulus 1024
The name for the keys will be: RX1.networkexpert.co.in

% The key modulus size is 1024 bits
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

RX1(config)#
*Mar  1 04:06:34.874: %SSH-5-ENABLED: SSH 1.99 has been enabled
RX1(config)#username netx password netx
RX1(config)#line vty 0 4
RX1(config-line)#login local
RX1(config-line)#transport input ssh

RX1(config-line)#exit

SSH from a Router to RX1:
RX3(config)#int f0/0
RX3(config-if)#ip address 10.1.1.2 255.0.0.0
RX3(config-if)#no shut
RX3(config-if)#end
RX3#ssh -l netx 10.1.1.1
Password:*****
RX1>enable
Password:*****
RX1#exit

[Connection to 10.1.1.1 closed by foreign host]
RX3#

Link:
Configuring Secure Shell on Routers and Switches Running Cisco IOS 

Including and Excluding Character strings in startup configurations

In Cisco IOS software release 12.0 and later, a nice trick is to use the + , - and / characters with sh run and sh start commands to search for specific strings (or exclude strings) in a configuration. This is similar to “ include | exclude” pipe-sentence, but is available in startup or running configuration.

For example:

To use include to search for “voice” in the running configuration, type:

Router# sh run | include voice

Voice-card 2

Voice class permanent 1

No voice hpi capture buffer

Voice-port 2/0/0

Dial-peer voice 123456 voip

Router#

As with include, to exclude strings from output, pipe sh run with exclude and the string you want to filter

For example:

Router# sh run | exclude voice

------display configuration except any sentence with word / string voice.

With the sh run or sh start commands, if your terminal is set to display one page at a time, when the display stops scrolling at the bottom of the screen use the “+” , “-“ or “/” characters to search configuration lines.

For example, type +voice to get the same output as sh run | include voice

Type a hypen (-) to skip (exclude) lines that contain the string you want to filter out. You can add several strings to include or exclude, grouping them with the pipe (|) character. Do not allow spaces between the pipes.

For example, type “–voice|description|line” which excludes sentence with word / string voice or description or line.

The forward slash (/) character lets you find the first occurrence of the given string. It stops at the first occurrence of the string to search for the next line that contains the string, so to continue searching type “/” and the string you want to find again.

Using "do" command in cisco Routers and Switches

Using privilege mode commands in global configuration mode:

Here’s a handy tip when using the show, ping, telnet or any other privilege mode commands. Instead of switching back and forth between global configuration mode and privilege mode to use these commands, you can remain in global configuration mode and type the do with original syntax.

For example:

Router(config)# do show running-config

Pinging multiple IP addresses with the tcl script

You can use the tcl script to ping multiple IP addresses from the router. The following is an example of pinging IP address 192.168.26.1, 192.168.25.1 and 192.168.17.2
Router# tclsh
Router(tcl)# foreach addr {
Router(tcl)# 192.168.26.1
Router(tcl)# 192.168.25.1
Router(tcl)# 192.168.17.2
Router(tcl)# } {ing $addr re 10 si 1500
Router(tcl)# }

After completion of task use “exit” command to come out of the tcl mode.