[CCNAv6 S2] 5.2.1.4 Packet Tracer - Configuring SSH



Packet Tracer - Configuring SSH
Addressing Table

 Objectives

Part 1: Secure Passwords

Part 2: Encrypt Communications

Part 3: Verify SSH Implementation

Background

SSH should replace Telnet for management connections. Telnet uses insecure plain text communications. SSH provides security for remote connections by providing strong encryption of all transmitted data between devices. In this activity, you will secure a remote switch with password encryption and SSH.

Part 1:    Secure Passwords
a.     Using the command prompt on PC1, Telnet to S1. The user EXEC and privileged EXEC password is cisco.

b.     Save the current configuration so that any mistakes you might make can be reversed by toggling the power for S1.

c.     Show the current configuration and note that the passwords are in plain text. Enter the command that encrypts plain text passwords.

d.     Verify that the passwords are encrypted.

Part 2:    Encrypt Communications
Step 1:     Set the IP domain name and generate secure keys.

It is generally not safe to use Telnet, because data is transferred in plain text. Therefore, use SSH whenever it is available.

a.     Configure the domain name to be netacad.pka.

b.     Secure keys are needed to encrypt the data. Generate the RSA keys using a 1024 key length.

Step 2:     Create an SSH user and reconfigure the VTY lines for SSH-only access.

a.     Create an administrator user with cisco as the secret password.

b.     Configure the VTY lines to check the local username database for login credentials and to only allow SSH for remote access. Remove the existing vty line password.

Part 3:    Verify SSH Implementation
a.     Exit the Telnet session and attempt to log back in using Telnet. The attempt should fail.

b.     Attempt to log in using SSH. Type ssh and press Enter without any parameters to reveal the command usage instructions. Hint: The -l option is the letter “L”, not the number 1.

c.     Upon successful login, enter privileged EXEC mode and save the configuration. If you were unable to successfully access S1, toggle the power and begin again at Part 1.



Configuration Telnet:



Configuration S1: 

enable
configure terminal
service password-encryption
ip domain-name netacad.pka
crypto key generate rsa
1024
username administrator secret cisco
line vty 0 4
 no password
 transport input ssh
 login local
 end
write memory
!


Link Download: Here


Nhận xét

Đăng nhận xét

Bài đăng phổ biến từ blog này

[CCNAv6 S4] 8.2.4.14 Packet Tracer - Troubleshooting Enterprise Networks 3

Hình ảnh
Packet Tracer – Troubleshooting Enterprise Networks 3 Addressing Table Background This activity uses a variety of technologies you have encountered during your CCNA studies, including routing, port security, EtherChannel, DHCP, NAT, PPP, and Frame Relay. Your task is to review the requirements, isolate and resolve any issues, and then document the steps you took to verify the requirements. Note: This activity begins with a partial score. Requirements DHCP ·         R1 is the DHCP server for the R1 LAN. Switching Technologies ·         Port security is configured to only allow PC1 to access S1's F0/3 interface. All violations should disable the interface. ·         Link aggregation using EtherChannel is configured on S2, S3, and S4. Routing ·         All routers are configured with OSPF process ID 1 and no routing updates should be sent across interfaces that do n...
Đọc thêm

[CCNAv6 S2] 2.2.2.4 Packet Tracer - Configuring IPv4 Static and Default Routes

Hình ảnh
Packet Tracer - Configuring IPv4 Static and Default Routes Addressing Table Objectives Part 1: Examine the Network and Evaluate the Need for Static Routing Part 2: Configure Static and Default Routes Part 3: Verify Connectivity Background In this activity, you will configure static and default routes. A static route is a route that is entered manually by the network administrator to create a reliable and safe route. There are four different static routes that are used in this activity: a recursive static route, a directly attached static route, a fully specified static route, and a default route. Part 1:     Examine the Network and Evaluate the Need for Static Routing a.     Looking at the topology diagram, how many networks are there in total? b.    How many networks are directly connected to R1, R2, and R3? c.     How many static routes are required by each router to reach networks that are not directly ...
Đọc thêm

[CCNAv6 S2] 7.3.2.4 Packet Tracer - Troubleshooting Standard IPv4 ACLs

Hình ảnh
Packet Tracer – Troubleshooting Standard IPv4 ACLs Addressing Table Objectives Part 1: Troubleshoot ACL Issue 1 Part 2: Troubleshoot ACL Issue 2 Part 3: Troubleshoot ACL Issue 3 Scenario This network is meant to have the following three policies implemented: ·         Hosts from the 192.168.0.0/24 network are unable to access network 10.0.0.0/8. ·         L3 can’t access any devices in network 192.168.0.0/24. ·         L3 can’t access Server1 or Server2. L3 should only access Server3. ·         Hosts from the 172.16.0.0/16 network have full access to Server1, Server2 and Server3. Note: All FTP usernames and passwords are “cisco”. No other restrictions should be in place. Unfortunately, the rules that have been implemented are not working correctly. Your task is to find and fix the errors related to the access lists on R1. Part 1:     Troublesh...
Đọc thêm