Configure SSH Access

You can enable the secure copy (SCP) server on the ASA. Only clients that are allowed to access the ASA using SSH can establish a secure copy connection.

Procedure

Step 1

In the edit ASA settings policy page, click SSH in the left pane.

Step 2

Uncheck the Retain existing values checkbox to configure the values for the shared ASA system settings policy.

Important

If the Retain existing values check box is selected, you can't configure the values as the fields are hidden. CDO uses the existing local values of the ASA device for this setting and doesn't inherit from the shared policy.

Step 3

Enable Enable Scopy SSH (secure copy SSH).

Step 4

In the Timeout in Minutes field, set the timeout from 1 to 60 minutes. The default is 5 minutes. The default duration is too short in most cases, and should be increased until all pre-production testing and troubleshooting have been completed.

Step 5

Click and configure the following:

Interface: Specify the interface name. Ensure the interface name specified here is the same on the ASA devices associated with this shared system settings policy.
IP Version: Select the IP address version you want to use.
IP Address: Specify the addresses of all hosts/networks that can access the ASA using SSH.
Netmask: Specify the subnet mask for the network.

Note	To remove SSH details, you can click the delete icon under Actions.

Step 6

Click Save.