Scribd
Upload
650 views4 pages

Configuring Secure Password and SSH

The document provides instructions for configuring secure passwords and SSH access on a router named Main. The steps include encrypting passwords, setting strong passwords, generating an RSA key, blocking login attempts after failed attempts, and configuring VTY lines for SSH access using local authentication.

Uploaded by

api-356080077
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
650 views4 pages

Configuring Secure Password and SSH

The document provides instructions for configuring secure passwords and SSH access on a router named Main. The steps include encrypting passwords, setting strong passwords, generating an RSA key, blocking login attempts after failed attempts, and configuring VTY lines for SSH access using local authentication.

Uploaded by

api-356080077
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

Configuring Secure Passwords and SSH

Packet Tracer Configuring Secure Passwords and SSH


Addressing Table

Default
Device Interface IP Address Subnet Mask Gateway

Main G0/0 [Link] [Link] N/A


NetAdmin NIC [Link] [Link] [Link]
Configuring Secure Passwords and SSH

Scenario
The network administrator has asked you to prepare Main for deployment. Before it can be
connected to the network, security measures must be enabled.

Requirements
Configure IP addressing on NetAdmin according to the Addressing Table.

Console into Main from the Terminal on PC-A.


Configure IP addressing on Main and enable the interface.
Configure the hostname as Main.
Encrypt all plaintext passwords.
Main(config)# service password-encryption
Set a strong secret password of your choosing.
Set the domain name to [Link] (case-sensitive for scoring in PT).
Main(config)# ip domain-name [Link]
Create a user of your choosing with a strong password.
Main(config)# username any_user password any_password
Generate 1024-bit RSA keys.
Note: In Packet Tracer, enter the crypto key generate rsa command and press Enter to
continue.
Main(config)# crypto key generate rsa
Block anyone for three minutes who fails to log in after four attempts within a two-
minute period.
Main(config)# login block-for 180 attempts 4 within 120
Configure the VTY lines for SSH access and use the local user profiles for
authentication.
Main(config)# line vty 0 4
Main(config-line)# transport input ssh
Main(config-line)# login local
Save the configuration to NVRAM.
Configuring Secure Passwords and SSH

Router>enable

Router#configure terminal
Router(config)#interface gigabitEthernet0/0
Router(config-if)#ip add [Link] [Link]
Router(config-if)#no shutdown
Router(config-if)#exit

Router(config)#hostname Main
MAIN(config)#service password-encryption

MAIN(config)#enable secret cl@ss

MAIN(config)#ip domain-name [Link]


MAIN(config)#username any_user password cisco
MAIN(config)#crypto key generate rsa
How many bits in the modulus [512]: 1024
Configuring Secure Passwords and SSH

MAIN(config)#login block-for 180 attempts 4 within 120


MAIN(config)#line vty 0 4
MAIN(config-line)#transport input sshMAIN(config-line)#login local
MAIN(config-line)#exit
MAIN(config)#exit

MAIN#copy running-config startup-config

You might also like