Sunday, 25 August 2019

SSH Configuration Examples in Cisco (IOS,IOS-XE,NX-OS,IOS-XR) and Juniper(JunOS)



Here are the configuration examples, where:
192.168.100.100 = jumphost IP (the only address allowed to SSH into the device)

Juniper

system {
    services {
        ssh {
            root-login deny;
            protocol-version v2;
            connection-limit 5;
            rate-limit 5;
        }
    }
}

policy-options {
    prefix-list ALLOWED-IP {
        192.168.100.100/32;
    }
}

firewall {
    family inet {
        filter PROTECT-ENGINE {
            term PERMIT-SSH {
                from {
                    source-prefix-list {
                        ALLOWED-IP;
                    }
                    protocol tcp;
                    destination-port ssh;
                }
                then {
                    count PERMIT-SSH;
                    accept;
                }
            }
            term DENY-SSH {
                from {
                    protocol tcp;
                    destination-port ssh;
                }
                then {
                    count DENY-SSH;
                    discard;
                }
            }
            /* A Junos filter ends with an implicit discard; without this term
               the lo0 filter would also drop BGP, OSPF, NTP, DNS and every
               other packet destined to the Routing Engine. Keep it last. */
            term ALLOW-OTHER {
                then accept;
            }
        }
    }
}

interfaces {
    lo0 {
        unit 0 {
            family inet {
                filter {
                    input PROTECT-ENGINE;
                }
            }
        }
    }
}
Set format:
set system services ssh root-login deny
set system services ssh protocol-version v2
set system services ssh connection-limit 5
set system services ssh rate-limit 5

set policy-options prefix-list ALLOWED-IP 192.168.100.100/32

set firewall family inet filter PROTECT-ENGINE term PERMIT-SSH from source-prefix-list ALLOWED-IP
set firewall family inet filter PROTECT-ENGINE term PERMIT-SSH from protocol tcp
set firewall family inet filter PROTECT-ENGINE term PERMIT-SSH from destination-port ssh
set firewall family inet filter PROTECT-ENGINE term PERMIT-SSH then count PERMIT-SSH
set firewall family inet filter PROTECT-ENGINE term PERMIT-SSH then accept

set firewall family inet filter PROTECT-ENGINE term DENY-SSH from protocol tcp
set firewall family inet filter PROTECT-ENGINE term DENY-SSH from destination-port ssh
set firewall family inet filter PROTECT-ENGINE term DENY-SSH then count DENY-SSH
set firewall family inet filter PROTECT-ENGINE term DENY-SSH then discard

set firewall family inet filter PROTECT-ENGINE term ALLOW-OTHER then accept

set interfaces lo0 unit 0 family inet filter input PROTECT-ENGINE

Notes on the Junos example. A firewall filter ends with an implicit discard, so without the final ALLOW-OTHER term the filter on lo0 would also drop BGP, OSPF, NTP, DNS, RADIUS/TACACS+ replies and every other packet destined to the Routing Engine; it must stay the last term. destination-port ssh is used rather than port ssh, which would also match packets merely sourced from port 22. root-login deny forces logins through named accounts, protocol-version v2 disables SSHv1, connection-limit 5 caps concurrent SSH sessions and rate-limit 5 caps new connection attempts per minute. Activate the change with commit confirmed so that a filter which locks you out rolls back on its own.
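Two mistakes in a Junos lockdown like the one above commit cleanly and only show up as an outage or as a filter that never matches: a prefix-list referenced under a different name than it was defined, and an lo0 filter with no closing accept term. The following linter is an added example, not code from the page or from Juniper; the PAGE_CONFIG sample is the set-format listing above, embedded inline, and the FIXED and MISMATCHED variants are constructed from it to show both findings.

```python
"""Lint a Junos set-format SSH lockdown for two mistakes that slip past commit.

Added example, not part of the original page. It checks that every prefix-list
a filter term references is defined under policy-options, and that the filter
applied to lo0 ends in an unconditional accept: a Junos firewall filter
discards whatever no term accepted, and on lo0 that silently cuts off BGP,
OSPF, NTP, DNS and every other session to the Routing Engine.
"""
import re
from collections import OrderedDict

# Constructed sample: the set-format config from this page.
PAGE_CONFIG = """
set system services ssh root-login deny
set system services ssh protocol-version v2
set system services ssh connection-limit 5
set system services ssh rate-limit 5
set policy-options prefix-list ALLOWED-IP 192.168.100.100/32
set firewall family inet filter PROTECT-ENGINE term PERMIT-SSH from source-prefix-list ALLOWED-IP
set firewall family inet filter PROTECT-ENGINE term PERMIT-SSH from protocol tcp
set firewall family inet filter PROTECT-ENGINE term PERMIT-SSH from destination-port ssh
set firewall family inet filter PROTECT-ENGINE term PERMIT-SSH then count PERMIT-SSH
set firewall family inet filter PROTECT-ENGINE term PERMIT-SSH then accept
set firewall family inet filter PROTECT-ENGINE term DENY-SSH from protocol tcp
set firewall family inet filter PROTECT-ENGINE term DENY-SSH from destination-port ssh
set firewall family inet filter PROTECT-ENGINE term DENY-SSH then count DENY-SSH
set firewall family inet filter PROTECT-ENGINE term DENY-SSH then discard
set interfaces lo0 unit 0 family inet filter input PROTECT-ENGINE
"""

# Constructed variants: the same filter with a closing accept term, and the
# same filter with the prefix-list defined under a name the term never uses.
FIXED_CONFIG = PAGE_CONFIG + "set firewall family inet filter PROTECT-ENGINE term ALLOW-OTHER then accept\n"
MISMATCHED_CONFIG = PAGE_CONFIG.replace("prefix-list ALLOWED-IP 192", "prefix-list PERMIT-SSH 192")

PREFIX_LIST_RE = re.compile(r"^set policy-options prefix-list (\S+)(?: (\S+))?$")
TERM_RE = re.compile(r"^set firewall family inet filter (\S+) term (\S+) (from|then) (.+)$")
LO0_RE = re.compile(r"^set interfaces lo0 unit \d+ family inet filter input (\S+)$")


def parse(config):
    """Return (prefix_list_names, filters, filters_applied_to_lo0).

    filters maps filter name -> OrderedDict of term -> {"from": [...], "then": [...]};
    terms keep first-appearance order, which is the order Junos evaluates them in.
    """
    prefix_lists, filters, lo0_filters = set(), OrderedDict(), []
    for raw in config.splitlines():
        line = " ".join(raw.split())          # collapse stray double spaces
        if m := PREFIX_LIST_RE.match(line):
            prefix_lists.add(m.group(1))
        elif m := TERM_RE.match(line):
            flt, term, clause, rest = m.groups()
            terms = filters.setdefault(flt, OrderedDict())
            terms.setdefault(term, {"from": [], "then": []})[clause].append(rest)
        elif m := LO0_RE.match(line):
            lo0_filters.append(m.group(1))
    return prefix_lists, filters, lo0_filters


def lint(config):
    """Return a list of findings; an empty list means the config passed both checks."""
    prefix_lists, filters, lo0_filters = parse(config)
    findings = []
    for flt, terms in filters.items():
        for term, clauses in terms.items():
            for cond in clauses["from"]:
                if cond.startswith(("source-prefix-list ", "destination-prefix-list ", "prefix-list ")):
                    name = cond.split()[1]
                    if name not in prefix_lists:
                        findings.append(f"{flt}/{term}: prefix-list {name} is referenced but never defined")
    for flt in lo0_filters:
        terms = filters.get(flt)
        if terms is None:
            findings.append(f"lo0: filter {flt} is applied but never defined")
            continue
        last_term, last = next(reversed(terms.items()))
        # An unconditional accept has no 'from' clause and an 'accept' action.
        if last["from"] or "accept" not in last["then"]:
            findings.append(f"{flt}: last term {last_term} is not an unconditional accept; "
                            "the implicit discard will drop all other traffic to the Routing Engine")
    return findings


if __name__ == "__main__":
    for label, cfg in (("page", PAGE_CONFIG), ("fixed", FIXED_CONFIG), ("mismatched", MISMATCHED_CONFIG)):
        print(f"{label}: {lint(cfg) or ['OK']}")
```

Run it against a candidate set-format file before committing; the check is deliberately limited to the two filter mistakes that Junos itself will not reject, and it treats any last term with a from clause as a missing catch-all even if an earlier term happens to be unconditional.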


Cisco:

Prerequisites: every Cisco platform needs an RSA host key before the SSH server will start. On IOS and IOS-XE set a hostname and ip domain-name first, then generate the key with an explicit modulus (crypto key generate rsa modulus 2048); on NX-OS use ssh key rsa 2048; on IOS-XR run crypto key generate rsa from exec mode. Refer to the Cisco documentation for your release.

Use an RSA key of at least 2048 bits (3072 or 4096 where the platform supports it). A 1024-bit key is weaker, not stronger, and should not be used; ip ssh version 2 on IOS also refuses to run with a modulus shorter than 768 bits.

IOS:
ip ssh version 2
!
access-list 101 permit tcp host 192.168.100.100 any eq 22
!
line vty 0 4
 access-class 101 in
 exec-timeout 5 0
 password 7 01234ABC
 login authentication VTY
 transport input ssh

Notes on the IOS example. The access-list has an implicit deny, so every source other than the jumphost is refused at the TCP level before any authentication happens. line vty 0 4 covers only the first five vty lines; check show line and apply the same access-class and transport input to every vty the platform has (line vty 0 15 on most IOS devices), otherwise the remaining lines still accept telnet from anywhere. The password 7 value is a reversibly obfuscated type 7 string that is recovered offline in seconds, and with login authentication VTY the line password is only consulted if that AAA method list includes the line method; authenticate through AAA against local usernames configured with secret (type 8 or 9 hashes) or against a TACACS+/RADIUS server instead.


IOS-XE:
ip ssh version 2
!
ip access-list extended SSH-ACL
 permit tcp host 192.168.100.100 any eq 22
 deny   tcp any any eq 22
!
login block-for 120 attempts 3 within 60
login quiet-mode access-class SSH-ACL
!
line vty 0 4
 access-class SSH-ACL in
 exec-timeout 5 0
 password 7 01234ABCDEF
 login authentication VTY
 transport input ssh

Notes on the IOS-XE example. login quiet-mode access-class only takes effect while the device is in quiet mode, and quiet mode is entered only when login block-for is configured (the values shown are illustrative: block logins for 120 seconds after 3 failures within 60 seconds); without login block-for the quiet-mode ACL is never used. The named ACL is evaluated exactly like the numbered one, so the same points about covering every vty line and about type 7 passwords apply here.


NEXUS OS:
feature ssh
!
ip access-list acl_101
  10 permit tcp 192.168.100.100/32 any eq 22
  20 deny ip any any log
!
interface mgmt0
  vrf member management
  ip access-group acl_101 in

Notes on the NX-OS example. SSH is enabled by default on NX-OS, so feature ssh only restates it, and ssh key rsa 2048 (re)generates the host key. An ACL applied inbound on mgmt0 is stateless and is not limited to SSH: as written, line 20 also drops inbound replies to the switch's own NTP, DNS, TACACS+/RADIUS and SNMP traffic, so add permits for those before the deny, and keep the log keyword on the deny so rejected sources appear in the logs. The ACL only covers sessions arriving on mgmt0; SSH reached over in-band interfaces needs its own ACLs or a CoPP policy.


IOS-XR:
ssh client source-interface Loopback0
ssh server v2
!
ipv4 access-list SSH-VTY
 10 permit tcp host 192.168.100.100 any eq ssh
 20 deny ipv4 any any log
!
line template VTYTEMPLATE
 secret 5 $encryptedlocalpass
 users group root-system
 users group cisco-support
 accounting exec VTY
 accounting commands VTY
 authorization exec VTY
 authorization commands VTY
 login authentication VTY
 exec-timeout 5 0
 access-class ingress SSH-VTY
 transport input ssh
!
vty-pool default 0 4 line-template VTYTEMPLATE

or (simpler):
line default
 secret 5 $encryptedlocalpass
 login authentication default
 timestamp
 exec-timeout 5 0
 access-class ingress SSH-VTY
 session-timeout 5
 transport input ssh
!
control-plane
 management-plane
  inband
   interface all
    allow SSH peer
     address ipv4 192.168.100.100
!

Notes on the IOS-XR example. ssh client source-interface only affects SSH sessions the router itself opens; the server side is ssh server v2, plus ssh server vrf <name> on releases where the server must be bound explicitly to the VRF the jumphost reaches. The AAA method lists named VTY and default are assumed to be defined under aaa. users group root-system in the line template is the task group given to users whose AAA server returns none, so it hands full privileges to anyone who authenticates on that line without a group; use a least-privilege group there or make sure the server supplies the task group. The access-class on the line filters the vty itself; the management-plane stanza additionally restricts SSH arriving on inband interfaces to the jumphost, and management over the out-of-band Mgmt interface is governed by the separate out-of-band stanza, which should be configured to match.
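The IOS, IOS-XE, NX-OS and IOS-XR sections above each carry an access-class ACL in a slightly different dialect, and the usual way to confirm they behave the same is to trace a few sources through them by hand. The evaluator below is an added example, not code from the page or from Cisco; it embeds the four ACLs from this page as constructed samples, plus a wildcard-mask variant and a placeholder device address (10.0.0.1) that are assumptions, and it resolves a few common port names such as eq ssh.

```python
"""Evaluate Cisco extended ACLs the way a vty access-class does.

Added example, not code from the page or from Cisco. It parses the ACL
dialects used above (IOS numbered, IOS-XE named, NX-OS and IOS-XR sequenced
entries) and answers whether a given source may open SSH, falling through to
the implicit deny that ends every Cisco ACL when nothing matches.
"""
import ipaddress
import re

WELL_KNOWN_PORTS = {"ssh": 22, "telnet": 23, "www": 80}

# A source or destination: 'host A.B.C.D', 'any', 'A.B.C.D/len' (NX-OS) or
# 'A.B.C.D W.W.W.W' (IOS wildcard mask).
ADDR = r"(host\s+\S+|any|\S+/\d+|\S+\s+\d+\.\d+\.\d+\.\d+)"
ENTRY_RE = re.compile(
    r"^(?:access-list\s+\S+\s+)?"    # IOS numbered-ACL prefix
    r"(?:\d+\s+)?"                   # NX-OS / IOS-XR sequence number
    r"(permit|deny)\s+(\S+)\s+"      # action, protocol
    + ADDR + r"\s+" + ADDR +         # source, destination
    r"(?:\s+eq\s+(\S+))?"            # optional destination port
    r"(?:\s+log)?\s*$")

# Constructed samples: the four ACLs from this page, plus an IOS wildcard-mask
# variant (not on the page) that admits the jumphost's whole /24.
IOS_ACL = "access-list 101 permit tcp host 192.168.100.100 any eq 22\n"
XE_ACL = """ip access-list extended SSH-ACL
 permit tcp host 192.168.100.100 any eq 22
 deny   tcp any any eq 22
"""
NXOS_ACL = """ip access-list acl_101
  10 permit tcp 192.168.100.100/32 any eq 22
  20 deny ip any any log
"""
XR_ACL = """ipv4 access-list SSH-VTY
 10 permit tcp host 192.168.100.100 any eq ssh
 20 deny ipv4 any any log
"""
SUBNET_ACL = "access-list 102 permit tcp 192.168.100.0 0.0.0.255 any eq 22\n"

DEVICE_IP = "10.0.0.1"   # assumed placeholder address of the managed device
CANDIDATES = ["192.168.100.100", "192.168.100.101", "10.0.0.99"]


def _net(token):
    token = token.strip()
    if token == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if token.startswith("host "):
        return ipaddress.ip_network(token.split()[1] + "/32")
    if "/" in token:
        return ipaddress.ip_network(token, strict=False)
    addr, wildcard = token.split()   # IOS wildcard (inverse) mask; ipaddress accepts hostmasks
    return ipaddress.ip_network(f"{addr}/{wildcard}", strict=False)


def _port(token):
    return int(token) if token.isdigit() else WELL_KNOWN_PORTS[token]


def parse_acl(text):
    """Return the ACEs in order; header lines and comments carry no match criteria."""
    entries = []
    for raw in text.splitlines():
        line = " ".join(raw.split())
        if not line or line.startswith(("!", "ip access-list", "ipv4 access-list")):
            continue
        m = ENTRY_RE.match(line)
        if not m:
            raise ValueError(f"unparsed ACL line: {line!r}")
        action, proto, src, dst, port = m.groups()
        entries.append({"line": line, "action": action, "proto": proto,
                        "src": _net(src), "dst": _net(dst),
                        "dport": _port(port) if port else None})
    return entries


def evaluate(entries, src_ip, dst_ip, proto="tcp", dport=22):
    """First match wins, as on the device; no match is the implicit deny."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for e in entries:
        if e["proto"] not in ("ip", "ipv4", proto):
            continue
        if src not in e["src"] or dst not in e["dst"]:
            continue
        if e["dport"] is not None and e["dport"] != dport:
            continue
        return e["action"], e["line"]
    return "deny", "<implicit deny>"


def ssh_permitted_sources(acl_text, candidates, device_ip):
    """Which candidate sources the ACL lets open TCP/22 to device_ip."""
    entries = parse_acl(acl_text)
    return [ip for ip in candidates if evaluate(entries, ip, device_ip)[0] == "permit"]


if __name__ == "__main__":
    for name, acl in (("IOS", IOS_ACL), ("IOS-XE", XE_ACL), ("NX-OS", NXOS_ACL),
                      ("IOS-XR", XR_ACL), ("wildcard /24", SUBNET_ACL)):
        print(f"{name}: SSH allowed from {ssh_permitted_sources(acl, CANDIDATES, DEVICE_IP)}")
```

For all four page ACLs only the jumphost comes back permitted; the second entry of evaluate's result tells you which line made the decision, which is how you spot a source falling through to the implicit deny rather than to an explicit logged one.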
