Cisco ASA SSL & SSH Security
!----------------------------------------------------------------------- ! Secure SSL !----------------------------------------------------------------------- - Add the following commands to force TLSv1.2 and force high level encryptions ssl server-version tlsv1.2 ssl cipher default high - Use a public SSL Certificate not a self-signed certificate. Purchase a public domain name, purchase a digital certificate and install the digital certificate on the ASA !----------------------------------------------------------------------- ! Secure ssh !----------------------------------------------------------------------- - Add the following commands to use ssh version 2 and high level ciphers ssh stricthostkeycheck ssh x.x.x.x m.m.m.m inside ssh timeout 10 ssh version 2 ssh cipher encryption high ssh cipher integrity high ssh key-exchange group dh-group14-sha1 no ssh 0.0.0.0 0.0.0.0 outside





Use this code to post the full script to your own page:



Use this code to post only the variables to your own page: