vty/ssh/passwords Flashcards

1
Q

What are the 4 steps to enable SSH?

A
  1. configure hostname
  2. configure domain name with ‘ip domain-name’
  3. generate RSA key pair with ‘crypto key generate rsa’
  4. configure a vty line to use SSH with ‘transport input ssh’
2
Q

‘switchport port-security violation restrict’

A

Port security option that discards traffic and increments the security violation counter when a frame from an unauthorized MAC address comes through

3
Q

‘switchport port-security violation protect’

A

Port security option that silently discards traffic and does not increment the counter

4
Q

‘switchport port-security violation shutdown’

A

Port security option that puts the port into the err-disabled state if it receives unauthorized traffic

5
Q

6 steps to set up a device as an SSH server?

A

1) hostname R1
2) ip domain-name
3) crypto key generate rsa
4) username Bill/enable secret
5) line vty 0 4
transport input ssh

6
Q

5 steps to configure an SSH client?

A

1) hostname R1
2) ip domain-name fqdn.com
3) crypto key generate rsa
4) ip ssh [time-out seconds]
5) line vty 0 4
transport input ssh

7
Q

What does ‘login local’ do?

Where is it configured?

A

Tells the device to require a user to log in using one of the usernames configured on the device.

It is configured at the line console level with ‘line console 0’
(config-line)

8
Q

How do you configure a L2 switch with a management IP?

4 steps

A

Put an IP on the SVI, enable it, and add a default gateway in global config

(if) # interface vlan1
(if) # ip address 192.168.0.6 255.255.255.0
(if) # no shutdown
(config) # ip default-gateway 192.168.0.1

9
Q

What is required first before you can enter privileged EXEC mode through Telnet?

A

enable secret.

If login local is enabled, a user must also be created with: ()#username jeremy secret password123

10
Q

What does ‘()# line vty 0 15’ do?

A

Selects all the VTY lines for configuration

11
Q

What is the difference between the following commands:

(config-line)# access-class 1 in
()access-list 1 permit host 192.168.0.1
()ip access-list
()ip access-group

A

access-class : an ACL that applies only to VTY lines
access-list : creates a VTY-only ACL

(the following two ip commands are not used for VTY?)
ip access-list : applies an ACL to an interface
ip access-group : creates an ACL

12
Q

How do you enable SSH on a VTY line?

A

()# line vty 0 15

(config-line)# transport input ssh

13
Q

What command configures a VTY ACL?

A

()# access-list 199 permit tcp host 192.168.1.1 any eq 22

14
Q

What command applies a VTY ACL?

A

(config-line)# access-class 199 in
