===== Login Security =====
Quick notes on basic login security for console / VTY / Privileged Moe.
==== Console Login ====
* Protect console access for all device consoles with a password of ‘certskills’:
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#line console 0
R1(config-line)#password certskills <-- sets password for line console 0.
R1(config-line)#login <-- Enables login prompt.
==== Secure Privilege Mode ====
* Protect privileged mode for all devices using password “ccnaskills” while storing the password as an MD5 hash.
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#enable secret ccnaskills
R1(config)#do sh run | i secret
enable secret 5 $1$vjig$siLDrz4NPN2cOc8j8tAso0
==== Telnet Security ====
* Protect Telnet access by requiring username/password login. To that end, create a username ‘person’ with a password of ‘access’ using the most secure option to configure the user.
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#username person secret access
R1(config)#line vty 0 15
R1(config-line)#login local