Rate this post
I have a few routers and switches that were deployed to remote locations and the crypto key was not generated before they were shipped, they are working and I have SNMPv3 write access to them but I want to ssh to them without having to travel to site with console cable and laptop. Want to know snmpset oid to generate crypto key. If you’d like to know how check out my post on Creating Users on a Cisco Router. Then we need to generate a Self-Signed certificate and enable remote access on the VTY interfaces. Theses are all the commands you need to set up SSH on a Cisco router in it’s simplest form. Conf terminal Enter configuration commands, one per line. Sep 25, 2017 How to Configure SSH on Cisco Router. Quickly Enable SSH on a Cisco Router or Switch, cisco ssh configuration example, cisco ssh command, cisco ssh version 2, enable ssh version 2 cisco.
Packet Tracer – Configure Secure Passwords and SSH Instructor Version
Addressing Table
Cisco Packet Tracer Crypto Key Generate Rsa Modulus 2048
Device | Interface | IP Address | Subnet Mask | Default Gateway |
---|---|---|---|---|
RTA | G0/0 | 172.16.1.1 | 255.255.255.0 | N/A |
PCA | NIC | 172.16.1.10 | 255.255.255.0 | 172.16.1.1 |
SW1 | VLAN 1 | 172.16.1.2 | 255.255.255.0 | 172.16.1.1 |
Scenario
The network administrator has asked you to prepare RTA and SW1 for deployment. Before they can be connected to the network, security measures must be enabled.
Intructions
Step 1: Configure Basic Security on the Router
a. Configure IP addressing on PCA according to the Addressing Table.
b. Console into RTA from the Terminal on PCA.
Cisco Tracer Packet
c. Configure the hostname as RTA.
d. Configure IP addressing on RTA and enable the interface.
e. Encrypt all plaintext passwords.
f. Set the minimum password length to 10.
g. Set a strong secret password of your choosing.
Note: Choose a password that you will remember, or you will need to reset the activity if you are locked out of the device.
Note: Choose a password that you will remember, or you will need to reset the activity if you are locked out of the device.
h. Disable DNS lookup.
i. Set the domain name to CCNA.com (case-sensitive for scoring in PT).
j. Create a user of your choosing with a strong encrypted password.
k. Generate 1024-bit RSA keys.
Note: In Packet Tracer, enter the crypto key generate rsa command and press Enter to continue.
l. Block anyone for three minutes who fails to log in after four attempts within a two-minute period.
m. Configure all VTY lines for SSH access and use the local user profiles for authentication.
n. Set the EXEC mode timeout to 6 minutes on the VTY lines.
o. Save the configuration to NVRAM.
p. Access the command prompt on the desktop of PCA to establish an SSH connection to RTA.
Step 2: Configure Basic Security on the Switch
Configure switch SW1 with corresponding security measures. Refer to the configuration steps on the router if you need additional assistance.
a. Click on SW1 and select the CLI tab.
b. Configure the hostname as SW1.
c. Configure IP addressing on SW1 VLAN1 and enable the interface.
d. Configure the default gateway address.
e. Disable all unused switch ports.
Note: On a switch it is a good security practice to disable unused ports. One method of doing this is to simply shut down each port with the ‘shutdown’ command. This would require accessing each port individually. There is a shortcut method for making modifications to several ports at once by using the interface range command. On SW1 all ports except FastEthernet0/1 and GigabitEthernet0/1 can be shutdown with the following command:
The command used the port range of 2-24 for the FastEthernet ports and then a single port range of GigabitEthernet0/2.
f. Encrypt all plaintext passwords.
g. Set a strong secret password of your choosing.
Much has been documented about generation Z and you can find interesting reads at bitgale.com but in trying to comprehend the challenges that this unique generation will face, here are pointers that are sure to come up.Juggling careersAs much as generation Z prefers to perfect a particular career before targeting another avenue, they are open to other career paths as long as they fulfill part of their overall vision. Automation is therefore going to be a big challenge that will need addressing in the near future.Starting family lifeAs of 2012 Only 42% of young adults got married and of the said number, only 52% had children. What challenges will generation Z face in the futureBeing touted as arguably the most pronounced generation of all time, generation Z is bound to take the world by storm but just as with the previous generation before them, there is the real concern of the challenges that will spring up owing to the progression that will be made. What are the key challenges facing your generation. The chronology of the challenges and their mitigating angles are bound to problems of the future but it is important to understand the semantics of what they will be facing. The aspect of juggling careers however promises to be a big challenge especially with most experts flooding the market and education becoming a mainstream element.Rising unemployment rateAs of May 2015, the unemployment rate was at 13.5% and it is projected that the figures may rise significantly especially with the mechanization of activities.
h. Disable DNS lookup.
i. Set the domain name to CCNA.com (case-sensitive for scoring in PT).
j. Create a user of your choosing with a strong encrypted password.
k. Generate 1024-bit RSA keys.
l. Configure all VTY lines for SSH access and use the local user profiles for authentication.
m. Set the EXEC mode timeout to 6 minutes on all VTY lines.
n. Save the configuration to NVRAM.