Securing Router Logins with SSH: Difference between revisions

From ITCwiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 9: Line 9:




[[File:Wireshark.29.jpg|800px]]
[[File:ssh.1.jpg|800px]]




Line 23: Line 23:




[[File:Wireshark.29.jpg|800px]]
[[File:ssh.ena.jpg|800px]]




Line 32: Line 32:




[[File:Wireshark.30.jpg|800px]]
[[File:ssh.config.jpg|800px]]




Line 41: Line 41:




[[File:Wireshark.31.jpg|800px]]
[[File:ssh.hostname.jpg|800px]]




Line 50: Line 50:




[[File:Wireshark.32.jpg|800px]]
[[File:ssh.passlength.jpg|800px]]




Line 59: Line 59:




[[File:Wireshark.33.jpg|800px]]
[[File:ssh.enablesecret.jpg|800px]]




Line 68: Line 68:




[[File:Wireshark.32.jpg|800px]]
[[File:ssh.clearpass.jpg|800px]]




Line 77: Line 77:




[[File:Wireshark.33.jpg|800px]]
[[File:ssh.userpass.jpg|800px]]




Line 90: Line 90:




[[File:Wireshark.32.jpg|800px]]
[[File:ssh.lineconsole.jpg|800px]]




Line 107: Line 107:




[[File:Wireshark.33.jpg|800px]]
[[File:ssh.lineaux.jpg|800px]]




Line 124: Line 124:




[[File:Wireshark.32.jpg|800px]]
[[File:ssh.linevty.jpg|800px]]




Line 133: Line 133:




[[File:Wireshark.33.jpg|800px]]
[[File:ssh.domainname.jpg|800px]]




Line 146: Line 146:




[[File:Wireshark.32.jpg|800px]]
[[File:ssh.keygen.jpg|800px]]
 
 
 
[[File:ssh.bits.jpg|800px]]




Line 159: Line 163:




[[File:Wireshark.33.jpg|800px]]
[[File:ssh.timeoutretries.jpg|800px]]




Line 168: Line 172:




[[File:Wireshark.33.jpg|800px]]
[[File:ssh.2.jpg|800px]]




Line 177: Line 181:




[[File:Wireshark.33.jpg|800px]]
*Step 3
Go to enable mode and enter your password.  You are now using secure SSH.
Go to enable mode and enter your password.  You are now using secure SSH.






[[File:Wireshark.33.jpg|800px]]
[[File:ssh.3.jpg|800px]]





Revision as of 17:06, 4 May 2010

Securing Router Logins with SSHThis is a walk through to help new students learn how to configure a more secure login with a router and utilize SSH.

Checking Router Bin file

This is a check to ensure that the router you are using is going to run SSH.

  • Step 1

Issue the command show flash, to check and see if K9 is in the bin file


Ssh.1.jpg



Router Configuration

This will cover the commands needed to setup the router logins and SSH.

  • Step 1

enaable


Ssh.ena.jpg


  • Step 2

config t


Ssh.config.jpg


  • Step 3

hostname (name)


Ssh.hostname.jpg


  • Step 4

security passwords min-length (number), we used 10 for a password length of 10 characters.


Ssh.passlength.jpg


  • Step 5

eable secret (password)


Ssh.enablesecret.jpg


  • Step 6

no enable password to clear passwords that may already be set.


Ssh.clearpass.jpg


  • Step 7

user (name) secret (password) this will be your user name and password for loging in to the router and SSH.


Ssh.userpass.jpg


  • Step 8

line console 0


login local


Ssh.lineconsole.jpg


  • Step 9

line aux 0


no password


login local


Ssh.lineaux.jpg


  • Step 10

line vty 0 4


login local


transport input ssh this last command is to use ssh and not telnet.


Ssh.linevty.jpg


  • Step 11

ip domain-name (domain name)


Ssh.domainname.jpg


  • Step 12

cry key generate rsa


(360-2048) you will use this to set the size of the key the larger the more secure.


Ssh.keygen.jpg


Ssh.bits.jpg


  • Step 13

ip ssh time-out (number)


ip ssh authentication-retries (number)


Ssh.timeoutretries.jpg


SSH Through Putty

  • Step 1

You will login using the IP of the router you are connecting to.


Ssh.2.jpg


  • Step 2

Login using the user name and password created previously.


Go to enable mode and enter your password. You are now using secure SSH.


Ssh.3.jpg



External links