How to Configure Telnet and SSH in Cisco Router
Telnet and Secure Shell (SSH) protocols have the same purpose. Both of them are used to communicate to a remote device. They are used mostly by network administrators to remotely access and manage devices such as routers, switches, servers.
Telnet is not secure because all the data would be sent in clear text including the passwords without authentication and encryption, but SSH is a secure protocol because it encrypts the data using authentication and encryption protocols.
SSH uses RSA for authentication , and encryption protocols such as DES and 3DES.
The differences between telnet and SSH
Configuring Telnet
R(config)#line vty 0 4
R(config-if)#password P@ssw0rd
R(config-if)#login
R(config-if)#exit
Configuring SSH
- You must have hostname and domain name configured on the router
R(config)#hostname F5Skills
F5Skills(config)#ip domain-name F5skills.local
- Create username and password in the router database
F5Skills(config)#username F5Sk!lls privilege 15 secret P@ssw0rd
- Generate an RSA keypair with a key length of 1024 bits for authentication
F5Skills(config)#crypto key generate rsa modulus 1024
- Enable login authentication against the local database of the router using the login local command and uses ssh protocol when logging in to a the terminal line using transport input ssh command.
F5Skills(config)#line vty 0 4
F5Skills (config-if)#login local
F5Skills (config-if)#transport input ssh
F5Skills (config-if)#exit
To show the version of SSH
F5Skills#sh ip ssh
To change the version of SSH from version 1 to version 2, since SSH-2 features both security and feature improvements over SSH-1. Better security, for example, comes through Diffie Hellman key exchange and strong integrity checking via message authentication codes.
F5Skills(config)#ip ssh version 2
The Client uses putty, Tera Term, SecureCrt and others to login into the router using telnet or ssh .
To access a router remotely from another router, use the command
Router1#ssh -l username IP-address
No comments