-
Notifications
You must be signed in to change notification settings - Fork 12
/
16.4.6-Configure secure passwords-and-ssh
88 lines (63 loc) · 3.48 KB
/
16.4.6-Configure secure passwords-and-ssh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
*****************16.4.6-packet-tracer---configure-secure-passwords-and-ssh******************
PCA configuration
=================
#Click on PCA ,go to Desktop>IP configuration
Ip adress :172.16.1.10
Subnet mask :255.255.255.0
Default Gateway :172.16.1.1
#To configure RTA, you need to access it via the console on PCA
#Go to Desktop>Terminal and click "OK"
Router RTA configuration
========================
en #to enter privileged EXEC mode.Short for "enable"
conf t #To enter global configuration mode.Short for "configure terminal"
hostname RTA #To configure the device name
int g0/0 #To enter interface configuration mode
ip address 172.16.1.1 255.255.255.0 #To configure the ipv4 address
no sh #To turn on the interface
exit #To return to global configuration mode
service password-encryption #To encrypt plain text passwords in the device configuration file
security password min-length 10 #To Set the minimum password length to 10.
enable secret my cisco p@ssw0rd #To configure an encrypted password for secure access to privileged mode
no ip domain-lookup #To stop the router from querying dns for typo.
#By default, any single word entered on a command line that is not recognized as a valid #command is considered as a hostname by the router,
#and the router will by default try to telnet to that hostname.
ip domain-name CCNA.com #To configure a domain name
username Bob secret dog #To set the username and password for SSH
crypto key generate rsa #To generate Rivest, Shamir, and Adelman (RSA) key pairs
1024 #To specify the size of the key modulus
login block-for 180 attempts 4 within 120 #To block anyone for three minutes who fails to log in after four attempts within a two-minute period
line vty 0 4 #To specify the vty from 0 to 4 for configuration
transport input ssh #To specify SSH for inbound connections to the router
login local #To use the local user profiles for authentication.
exec-timeout 6 #To set the EXEC mode timeout to 6 minutes
exit
copy runn start #To back up the running configuration file to NVRAM
exit
Switch 1 configuration
=====================
en
conf t
hostname SW1
ip defaut-gateway 172.16.1.1
int VLAN1 #To enter the Interface Configuration context for Vlan 1
ip address 172.16.1.2 255.255.255.0 #To configure an ip address,to perform switch management over the network
no sh #To turn on interface
exit
int rang F0/2-24, G0/2
shutdown #To shutdown all interfaces from F0/2 to F0/24 and G0/2
exit
service password-encryption #To encrypt plain text passwords in the device configuration file
enable secret my switch p@ssw0rd #To configure an encrypted password for secure access to privileged mode
no ip domain-lookup #To stop the router from querying dns for typo.
ip domain-name CCNA.com #To configure a domain name
username Bob secret dog #To set the username and password for SSH
crypto key generate rsa modulus #To generate Rivest, Shamir, and Adelman (RSA) key pairs
1024 #To specify the size of the key modulus
line vty 0 15 #To specify the vty from 0 to 15 for configuration
transport input ssh #To specify SSH for inbound connections to the router
login local #To use the local user profiles for authentication.
exec-timeout 6 #To set the EXEC mode timeout to 6 minutes
exit
copy runn start #To back up the running configuration file to NVRAM
exit