Disable telnet now or cry later (CISCO)

PROBLEM: Telnet is enabled, which is a security vulnerability.
SOLUTION: Disable telnet and enable SSH

[?] Telnet vs. SSH
https://www.ssh.com/ssh/telnet

Telnet is a way to remotely control a device. This sounds great, but you should know that telnet was developed in the 1960s and is unencrypted, so anyone with a tool such as Wireshark can read your username & password combo. A significantly more secure way to access your devices over the network is SSH.

//Just use this code

Router(config)# line vty 0 4
Router(config-line)# transport input ssh

//To configure SSH properly

Router(config)# username ciscouser password ciscopassword
Router(config)# hostname somehostname
Router(config)# ip domain-name some.domain
Router(config)# crypto key generate rsa //put 1024 as a value
Router(config)# ip ssh time-out 60
Router(config)# ip ssh authentication-retries 3
Router(config)# line vty 0 4
Router(config-line)# login local //authenticate against the local username created above
Router(config-line)# transport input ssh

To connect, use ssh -l username destination-IP:

Router# ssh -l ciscouser 1.2.3.4

Copy & Paste

conf t
username ciscouser password ciscopassword
hostname somehostname
ip domain-name some.domain
crypto key generate rsa
1024

ip ssh time-out 60
ip ssh authentication-retries 3
line vty 0 4
login local
transport input ssh
end
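
An added example (not from the original post): a short Python audit of a saved running-config that reports, for each `line vty` block, whether telnet is still accepted. It covers a case the commands above do not touch, namely vty ranges beyond `0 4`; the sample config, function names and verdict labels are constructed for illustration.

```python
import re

# Constructed sample running-config (not from the page): vty 0 4 is hardened as
# in the post, vty 5 15 still allows telnet, vty 16 31 has no transport line.
SAMPLE_CONFIG = """\
line con 0
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 transport input telnet ssh
line vty 16 31
 login local
!
"""

VTY_RE = re.compile(r"^line vty (\d+)(?: (\d+))?\s*$")
TRANSPORT_RE = re.compile(r"^\s+transport input (.+?)\s*$")

def parse_vty_blocks(config):
    """Map each 'line vty' range to its 'transport input' protocols (None if absent)."""
    blocks, current = {}, None
    for line in config.splitlines():
        header = VTY_RE.match(line)
        if header:
            current = (int(header.group(1)), int(header.group(2) or header.group(1)))
            blocks[current] = None
        elif line and not line[0].isspace():
            current = None  # any other unindented line ends the vty block
        elif current is not None and TRANSPORT_RE.match(line):
            blocks[current] = TRANSPORT_RE.match(line).group(1).split()
    return blocks

def audit_vty(config):
    """Return {(first, last): verdict} for every 'line vty' block in the config."""
    verdicts = {}
    for vty_range, protocols in parse_vty_blocks(config).items():
        if protocols is None:
            verdict = "unspecified"  # assumption: platform default applies, so review it
        elif "telnet" in protocols or "all" in protocols:
            verdict = "telnet-allowed"
        else:
            verdict = "ssh-only" if protocols == ["ssh"] else "other"
        verdicts[vty_range] = verdict
    return verdicts

if __name__ == "__main__":
    for (first, last), verdict in audit_vty(SAMPLE_CONFIG).items():
        print(f"line vty {first} {last}: {verdict}")
```

Any range reported as `telnet-allowed` or `unspecified` needs the same `transport input ssh` treatment as `line vty 0 4`.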
