switch>enable
switch#configure terminal
switch(config)#enable password myPassword
switch(config)#enable secret mySecret
+ To encrypt password --> using with keyword password:
switch(config)#service password-encryption
2- Set Telnet password:When login via telnet remote access, required telnet password
switch>enable
switch#configure terminal
switch(config)#line vty 0 4
switch(config)# password telnetPassword
switch(config)# login
3- Set username password: When login via telnet remote access, required username password
switch>enable
switch#configure terminal
switch(config)#interface vlan1
switch(config-if)# ip address 192.168.2.5 255.255.255.0
switch(config-if)#no shutdown
switch(config-if)#exit
switch(config)#ip default-gateway 192.168.2.1
switch(config)#username User secret 123
switch(config)#line vty 0 4
switch(config)#login local
switch(config)#enable secret secretpass
4- Set SSH remote via Switch (Secure SHell, 22/tcp) password:
Ex: Switch --> IP: 192.168.2.2
switch>enable
switch#configure terminal
switch(config)#interface vlan1
switch(config-if)# ip address 192.168.2.2 255.255.255.0
switch(config-if)#no shutdown
switch(config-if)#exitswitch(config)#enable secret secretpass
switch(config)#username User secret Userpass
switch(config)#ip domain-name www.cambodia.com
switch(config)#crypto key generate rsa
switch(config)#1024
switch(config)#ip ssh version 2
switch(config)#line vty 0 4
switch(config)# login local
switch(config)#transport input ssh
==> login PC> ssh -l User192.168.2.2
********** Lesson **************
1/- Set enable OR secret password: Protect Privilege Exec Mode
enable password myPassword
2/- Set enable OR secret password: Protect Privilege Exec Mode
enable secret mysecretpass
3/- Set Telnet password(telnet): When login via telnet remote access, required telnet password
Ex: IP router: 192.168.2.1/24
line vty 0 4
password telnetpass
login
4/- Set username password(telnet): When login via telnet remote access, required username password
interface vlan 1
ip address 192.168.2.5 255.255.255.0
no shutdown
exit
ip default-gateway 192.168.2.1
username user1 secret user1pass
line vty 0 4
login local
enable secret secretpass
5/- Set username password(telnet): When login via telnet remote access, required username password
(cmd: privilege is login withou privilege-mode)
interface vlan 1
ip address 192.168.2.5 255.255.255.0
no shutdown
exit
ip default-gateway 192.168.2.1
username user1 privilege 15 secret user1pass
line vty 0 4
login local
enable secret secretpass
6/- Set SSH remote to Router or Switch (Secure SHell, 22/tcp) password:
Ex: Sw1--> IP: 192.168.2.5
hostname R1_Sw1
config ter
int vlan 1
ip add 192.168.2.5 255.255.255.0
no shut
exit
ip default-gateway 192.168.2.1
username mengheang secret Passw0rd
ip domain-name www.cambodia.com
crypto key generate rsa
1024
ip ssh version 2
line vty 0 4
login local
transport input ssh
exit
enable secret secretpass
(copy pass into R1 or Sw1 )
(remote PC> ssh -l dara 192.168.2.1)
# ssh -v 2 -l [username1] [ipofrouter2]
----------------------------------------------
How to ssh remote access from Cisco Router1 to Cisco Router2
# ssh -v 2 -l [username1] [ipofrouter2]
# ssh -l [username1] [ipofrouter2]
---------------------------------
5) Set banner to inform when login:
banner motd "Access for authorized users only. Please enter your username and password." : option 1
banner motd #Access for authorized users only. Please enter your username and password.# : option 2
banner motd ^Access for authorized users only. Please enter your username and password.^ : option 3
+ to encrypt password using with keyword password:
service password-encryption
+ to abort when type wrong command input.
no ip domain-lookup
EmoticonEmoticon