Scribd
Upload
118 views7 pages

Configuring SSH Using An Username & Password: Khawar Butt Ccie # 12353 (R/S, Security, SP, DC, Voice, Storage & Ccde)

This document discusses configuring SSH for remote router management using usernames and passwords. It describes generating encryption keys on routers with domain names, enabling SSH and Telnet on VTY lines, and remotely logging into a router over SSH using the configured username and passwords for authentication.

Uploaded by

Avishkar Gote
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
118 views7 pages

Configuring SSH Using An Username & Password: Khawar Butt Ccie # 12353 (R/S, Security, SP, DC, Voice, Storage & Ccde)

This document discusses configuring SSH for remote router management using usernames and passwords. It describes generating encryption keys on routers with domain names, enabling SSH and Telnet on VTY lines, and remotely logging into a router over SSH using the configured username and passwords for authentication.

Uploaded by

Avishkar Gote
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 7

Configuring SSH Using an c

Username & Password


KHAWAR BUTT
CCIE # 12353 [R/S, SECURITY, SP, DC, VOICE, STORAGE & CCDE]
Overview
 Configuring SSH for Remote Management using an Username & Password

c
Lab Diagram
PC PC

Switch Switch
c

192.168.1.0/24 192.168.2.0/24
Ethernet 0/0 Ethernet 0/0
Serial 1/0 Serial 1/0

Console R1 192.168.12.0/24 R2

MGMT
PC
Configuring Username based SSH
 In order secure the transmission between the Router and the Admin device,
we can use SSH instead of Telnet.
c
 SSH allows us to encrypt the transmission.

 SSH requires you to generate an encryption key. The encryption key requires a
Full Qualified Domain Name, i.e., the hostname and domain name
combination. This requires that the router be set with a domain name as well.

 Once the key is generated, SSH can be enabled under the VTY Ports.
Configuring SSH Authentication
 We are going to use the authentication database from the previous lab. Configure a Domain name
“abc.com”, on both routers.
 Generate an encryption key using a key size of 1024.
 Enable SSH and Telnet for the VTY lines.
c

R1 R2

R1(config)#ip domain-name abc.com R2(config)#ip domain-name abc.com


R1(config)#crypto key generate rsa modulus 1024 R2(config)#crypto key generate rsa modulus 1024
R1(config)#line vty 0 4 R2(config)#line vty 0 4
R1(config-line)#transport input telnet ssh R2(config-line)#transport input telnet ssh
Verifying Remote Management using SSH
SSH into R2 from R1 by using the following

R1#ssh –l admin1 192.168.12.2 [-l is for login name]

It should prompt for a password. Type admin1 as cthe password.

You should be at the User Exec Mode “>”. This is the default mode for Remote Management.

Type “Enable” to move to Privilege Exec Mode.

You will be prompted for a password. This is the enable password. This is required to be set for Remote
management. Type cisco111 as the enable password. You Should be at the Privilege Exec Mode “#”.

You can manage the router as if you were connected directly to the console.
Whiteboard

You might also like