The following five commands all achieve the same result: the attempt to connect remotely to the router named Paris at IP address 172.16.20.1.
Any of the preceding commands lead to the following configuration sequence:
CAUTION: The following configuration creates a big security hole. Never use it in a live production environment. Use it in the lab only!
NOTE: A device must have two passwords for a remote user to be able to make changes to your configuration:
- Line vty password (or have it explicitly turned off; see the preceding Caution)
- Enable or enable secret password
Without the enable or enable secret password, a remote user will only be able to get to user mode, not to privileged mode. This is extra security.
Configuring the Secure Shell Protocol (SSH)
CAUTION: SSH Version 1 implementations have known security issues. It is recommended to use SSH Version 2 whenever possible.
NOTE: To work, SSH requires a local username database, a local IP domain, and an RSA key to be generated.
The Cisco implementation of SSH requires Cisco IOS Software to support Rivest- Shamir-Adleman (RSA) authentication and minimum Data Encryption Standard (DES) encryption—a cryptographic software image.
No comments:
Post a Comment