Tuesday, March 4, 2008

PIX 7.X: SSH/Telnet on the Inside and Outside Interface

To manage the PIX 7.X remotely, you need to configure it to permit incoming SSH and/or Telnet connections. Note that since Telnet sends all information, including passwords, in clear text, SSH is the preferred method.



Configuration Tasks:
1. Specify credentials:
  passwd mypassword
  -- or --
  username myusername password mypassword
  aaa authentication ssh local

2. [SSH only] Generate RSA key pair:
  crypto key zeroize rsa
  crypto key generate rsa modulus 1024


Note: The "zeroize" command is there just in case an RSA key has already been generated previously. You can set the modulus to any other value aside from 1024. The larger the modulus, the more secure the RSA key.

3. Specify the hosts allowed to connect to the PIX:

  ssh 0 0 inside
  ssh 10.199.248.0 255.255.255.0 outside
  -- or --
  telnet 0 0 inside
  telnet 10.199.248.0 255.255.255.0 outside

Note: The syntax parameters for either case are: source_ip_address subnet_mask source_interface. The "0 0" above indicates "any".

4. [Optional] Specify the telnet/ssh session timeout:
  ssh timeout 10
  -- or --
  telnet timeout 10
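
As an added example (not part of the original post), here is a small Python audit script that reads the ssh/telnet, crypto key and timeout lines from steps 2 to 4 above and reports the choices the post cautions against: Telnet on any interface, "0 0" (any source) on the outside interface, a small RSA modulus, and a management protocol enabled without a timeout. The sample configuration and the 2048-bit modulus threshold are assumptions for the example, not PIX rules.

```python
import re

# Command shapes discussed in the post: access lines, timeouts, RSA generation.
ACCESS_RE = re.compile(r"^(ssh|telnet)\s+(\S+)\s+(\S+)\s+(\S+)$")
TIMEOUT_RE = re.compile(r"^(ssh|telnet)\s+timeout\s+(\d+)$")
RSA_RE = re.compile(r"^crypto key generate rsa modulus\s+(\d+)$")
MIN_MODULUS = 2048  # assumed policy threshold for the example, not a PIX requirement
ANY = {("0", "0"), ("0.0.0.0", "0.0.0.0")}  # the "0 0" shorthand meaning "any"


def audit(config: str) -> list:
    """Return one finding string per risky remote-management setting."""
    findings, enabled, timeouts = [], set(), set()
    for raw in config.splitlines():
        line = raw.strip()
        if m := TIMEOUT_RE.match(line):
            timeouts.add(m.group(1))
        elif m := RSA_RE.match(line):
            if int(m.group(1)) < MIN_MODULUS:
                findings.append(f"rsa modulus {m.group(1)} below {MIN_MODULUS}")
        elif m := ACCESS_RE.match(line):
            proto, src, mask, iface = m.groups()
            enabled.add(proto)
            if proto == "telnet":
                findings.append(f"telnet on {iface}: credentials in clear text")
            if iface == "outside" and (src, mask) in ANY:
                findings.append(f"{proto} on outside open to any source")
    # Step 4 is optional on the PIX, so a missing timeout is reported, not assumed.
    for proto in sorted(enabled - timeouts):
        findings.append(f"{proto} enabled without an explicit timeout")
    return findings


# Constructed sample configuration (hypothetical, for the example only).
SAMPLE_CONFIG = """\
crypto key generate rsa modulus 1024
ssh 0 0 inside
ssh 0 0 outside
telnet 0 0 inside
ssh timeout 10
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print("FINDING:", finding)
```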


Reference:
For further reading, I suggest the following URL:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008069bf1b.shtml
