CCNA2 2.2.1.4 Packet Tracer - Configuring SSH

Objectives:Part 1: Secure Passwords Part 2: Encrypt Communications Part 3: Verify SSH Implementation

Observation:Part 1: Secure PasswordsUse the command prompt on PC1, and then the command Telnet to S1. The user EXEC

and privileged EXEC password is cisco. Save the current configuration to the S1. Use the command show run to show the current configuration and it shows that the passwords are in plain text. Use the command service password-encryption that encrypts plain text passwords.

Part 2: Encrypt CommunicationsConfigure the domain name to netacad.pka by using the command ip domain-name

netacad.pka. I used the command crypto key generate rsa. I generated the RSA keys using a 1024 key length. I created an administrator user with a cisco as the password by using the command username administrator password cisco. I configured the VTY lines to check the local username database for login credentials and to only allow SSH for remote access by using the command login local and transport input ssh.

Conclusion:Secure Shell (SSH) is a protocol that provides a secure (encrypted) management

connection to a remote device. SSH should replace Telnet for management connections. Telnet is an older protocol that uses insecure plaintext transmission of both the login authentication (username and password) and the data transmitted between the communicating devices. SSH provides security for remote connections by providing strong encryption when a device is authenticated (username and password) and also for the transmitted data between the communicating devices.