Secure Shell (SSH) provides support for IPv6 addresses that enable a Cisco device to accept and establish secure, encrypted
connections with remote IPv6 nodes over an IPv6 transport.
Prerequisites for SSH Support over IPv6
An IPsec (Data Encryption Standard [DES] or 3DES) encryption software image is loaded on your device. IPv6 transport for
the SSH server and SSH client requires an IPsec encryption software image.
A hostname and host domain are configured for your device.
A Rivest, Shamir, and Adelman (RSA) key pair, which automatically enables SSH, is generated for your device.
A user authentication mechanism for local or remote access is configured on your device.
To authenticate SSH clients, configure TACACS+ or RADIUS over an IPv4 transport and then connect to an SSH server over an
The basic restrictions for SSH over an IPv4 transport apply to SSH over an IPv6 transport. The use of locally stored usernames
and passwords is the only user authentication mechanism supported by SSH over an IPv6 transport. TACACS+ and RADIUS user authentication
mechanisms are not supported over an IPv6 transport.
Information About SSH Support over IPv6
SSH over an IPv6 Transport
Secure shell (SSH) SSH in IPv6 functions the same and offers the same benefits as SSH in IPv4. The SSH server feature enables
an SSH client to make a secure, encrypted connection to a Cisco device, and the SSH client feature enables a Cisco device
to make a secure, encrypted connection to another Cisco device or to any other device running an SSH server. IPv6 enhancements
to SSH consist of support for IPv6 addresses that enable a Cisco device to accept and establish secure, encrypted connections
with remote IPv6 nodes over an IPv6 transport.
How to Enable SSH Support over IPv6
Enabling SSH on an IPv6 Device
This task is optional. If you do not configure SSH parameters, then the default values will be used.
Configuring Secure Shell and Secure Shell Version 2 Support chapters of the Security Configuration Guide.
Standards and RFCs
RFCs for IPv6
The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving
technical issues with Cisco products and technologies.
To receive security and technical information about your products, you can subscribe to various services, such as the Product
Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.