The Telnet protocol is still widely used, but it is worth remembering that it is not as secure as SSH; in any real-world situation where security is a major concern, SSH should always be used.
Below is the basic configuration of the router:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R1
R1(config)#enable secret cisco
R1(config)#int f0/0
R1(config-if)#ip address 192.168.0.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#ex
R1(config)#line vty 0
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#exec-timeout 30
R1(config-line)#logging synchronous
R1(config-line)#motd-banner
R1(config-line)#exit
R1(config)#do copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
R1(config)#
1) I elected to have only a single line (hence the line vty 0); if you want more lines then the command would read something like: line vty 0 4 - this would give a total of 5 lines (lines 0 through 4).
2) The exec-timeout command just sets the time-out limit on the line from the default to 30 minutes. The shorter time-out can be annoying when configuring several devices at once.
3) The logging synchronous command stops any message output from splitting your typing.
4) The motd-banner command forces a banner message to appear when logging in.
SSH
Configuring SSH is much the same as configuring Telnet. The key difference is the generation of the crypto key; the basic line parameters are the same:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R2
R2(config)#enable secret cisco
R2(config)#int f0/0
R2(config-if)#ip address 192.168.10.1 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#ex
R2(config)#ip domain-name steve.local
R2(config)#crypto key generate rsa
The name for the keys will be: R2.steve.local
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 512
% Generating 512 bit RSA keys, keys will be non-exportable...[OK]
R2(config)#ip ssh time-out 30
R2(config)#ip ssh authentication-retries 5
R2(config)#line vty 0
R2(config-line)#transport input ssh
R2(config-line)#login
% Login disabled on line 66, until 'password' is set
R2(config-line)#password cisco
R2(config-line)#logging synchronous
R2(config-line)#motd-banner
R2(config-line)#exit
Domain name and the hostname: these two variables will form the basis of the key generation. Therefore these variables are important to form after executing
R2(config)#username steve password tiddles
R2(config)#line vty 0
R2(config-line)#login local
R2(config-line)#exit
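As an added example (not part of the original post), the Python sketch below audits a saved running-config for the remote-access settings discussed above: vty lines that accept more than SSH, vty lines that use the line password instead of login local, and usernames stored with password rather than secret. The sample config is constructed, the function name audit_vty is hypothetical, and the check for ip ssh version 2 (a command the post does not use) is an addition of this example.

```python
import re

# Constructed running-config excerpt (not taken from the post's routers).
SAMPLE_CONFIG = """\
hostname R2
ip domain-name steve.local
username steve password 0 tiddles
ip ssh time-out 30
line vty 0
 password cisco
 login
 transport input ssh
line vty 1 4
 password cisco
 login
 transport input telnet ssh
"""

def audit_vty(config):
    """Return a sorted list of findings about remote-access settings."""
    findings = set()
    section = None               # header of the 'line vty' block being read
    transports, logins = {}, {}  # per vty block: protocols, 'login' argument
    for raw in config.splitlines():
        line = raw.strip()
        if raw and not raw.startswith(" "):
            # An unindented line ends any vty block and may start a new one.
            section = line if line.startswith("line vty") else None
            if section:
                transports[section], logins[section] = None, None
            if re.match(r"username \S+ password\b", line):
                findings.add("username uses 'password' instead of 'secret': " + line.split()[1])
        elif section:
            if line.startswith("transport input"):
                transports[section] = line.split()[2:]
            elif line.split()[:1] == ["login"]:
                logins[section] = " ".join(line.split()[1:])
    for vty, protos in transports.items():
        if protos is None:
            findings.add(vty + ": no explicit 'transport input'")
        elif protos != ["ssh"]:
            findings.add(vty + ": accepts more than SSH (" + " ".join(protos) + ")")
        if logins[vty] != "local":
            findings.add(vty + ": does not use 'login local'")
    if not re.search(r"^ip ssh version 2\s*$", config, re.M):
        findings.add("'ip ssh version 2' not set")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit_vty(SAMPLE_CONFIG)))
```

The RSA modulus does not appear in the running-config, so the 512-bit key generated above is outside this check; SSH version 2 on IOS needs a modulus of at least 768 bits.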