Login configuration & concepts

Question 1

How to configure Console Login ?

Answer 1

> Line con 0 - 0 is the amount of connection available
password 0 - no encryption
password 7 - password encrypted
login - enable password to be asked for

Question 2

How to configure Telnet Login

Telnet = Remote login, not encrypted, but TCP

Answer 2

> line vty 0 - 15 - 0 is the amount of connection available
password - same a console
login - is set by default

Above is not encrypted - message can be captured by wire shark and read

Question 3

After configuring Consol and Telent.-
What does the below config do ?

> No Login

Answer 3

> no login

• this will remove the password being asked, goes straight into enable mode

Question 4

Enable = Setting password on the privilage exec mode

Answer 4

> enable password ___

• this is not encrypted at all. Also in clear text in config file

Question 5

Enable secret is ?

Answer 5

difference is it hides the password from the running config. Take priority over enable password if already configured.

Question 6

how to configure enable secret ?

Answer 6

> enable secret _____

• Take priority over existing enable password if set

This is MD5# = type 7 strength - hacking is required to break it

Question 7

What is SSH stand for and used for ?

Answer 7

SSH = secure shell - Remote login that is encrypted

Question 8

How to configure SSH ?

with explanation of each part

Answer 8

1. > host name ____ - this is needed
2. > ip domain-name ___ - these two are needed for the self generated certificate
3. > crypto key generate RSA 1024
   - generate encrypted keys - Public & Private Key
   - Sym 64, 128, 256 bits. Default is sugeested 512 this is asymmetric key set
4. > iP ssh version 2 - enable SSH & Key
5. > Username ____ password ______
   - Create Local user account & password

or. > username ____ secret ________
- same as enable secret hides password & MD5 hashing

6. • Allow telnet or ssh or both. ssh only disables telnet
     > Line vty 0 - 15
     > transport input ___ all or ssh,telnet
7. Login
   > login Local or Tacacs
   - username & password from local database

Question 9

How to configure SSH ?

whole process in order - with no explanation

Answer 9

whole process in order

1 - Hostname
2 - ip Domain-name
3 - crypto key generate RSA [512] 1024
4 - ip ssh version 2
5 - username \_\_\_ password/secret \_\_\_\_\_
6 - line vty 0-15
    transport input all or ssh
7 - Login Local

Question 10

What is - Terminal timeout ?

How to configure it ?

Answer 10

Terminal timeout = how long before session and idle kick out

> Line con 0
Line Vty 0 - 15 - For both of these

> exec-timeout 5 10 - 5 is the min, 10 is the seconds

Question 11

What is Logging synchronous ?

How to configure it ?

Answer 11

Logging synchronous = when typing command and screen message disrupts, this setting makes sure the command is displayed on a fresh line

> Line con 0
Line Vty 0 - 15 - For both of these

> Logging synchronous

Question 12

What is Service password-encryption ?

How to configure it ?

Answer 12

Service password-encryption = This just hides all password on running config on device - This can be easily decrypted on websites(ifm)

from global config

> Service password-encryption

This can be easily decrypted on websites(ifm)

Question 13

What are the encryption strengths ?

Answer 13

Enable secret is =
This is MD5# = type 7 strength - hacking is required to break it

Enable password & service password encrypt =
This just hides all password on running config