Abrer_Wiki

User Tools

Site Tools

Trace: login_security tips_and_advice_for_productive_personal_time_management
icnd1:login_security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
icnd1:login_security [2024/03/14 12:07]
114.119.141.71 old revision restored (2023/10/09 11:32) 		icnd1:login_security [2024/04/25 22:16] (current)
52.211.143.139 old revision restored (2023/10/14 09:38)
Line 1: Line 1:
- ===== Login Security ===== Quick notes on basic login security for console / VTY / Privileged Moe. +===== Login Security ===== 
- ==== Console Login ====   * Protect console access for all device consoles with a password of ‘certskills’: <code> R1#conf t Enter configuration commands, one per line.  End with CNTL/Z. R1(config)#line console 0 R1(config-line)#password certskills <-- sets password for line console 0. R1(config-line)#login  <-- Enables login prompt. </code> Although these commands will password line console 0 -- the password certskills is stored in the running config in ''**plain-english**''. ''**R1(config)#service password-encryption**'' will obfuscate the password so that it is no longer clear-text. ==== Secure Privilege Mode ====   * Protect privileged mode for all devices using password “ccnaskills” while storing the password as an MD5 hash. <code> R1#conf t Enter configuration commands, one per line.  End with CNTL/Z. R1(config)#enable secret ccnaskills R1(config)#do sh run | i secret enable secret 5 $1$vjig$siLDrz4NPN2cOc8j8tAso0 </code> ==== Telnet Security ====    * Protect Telnet access by requiring username/password login. To that end, create a username ‘person’ with a password of ‘access’ using the most secure option to configure the user. <code> R1#conf t Enter configuration commands, one per line.  End with CNTL/Z. R1(config)#username person secret access R1(config)#line vty 0 15 R1(config-line)#login local </code>+Quick notes on basic login security for console / VTY / Privileged Moe. 
 + 
 +==== Console Login ==== 
 +  * Protect console access for all device consoles with a password of ‘certskills’: 
 +<code> 
 +R1#conf t 
 +Enter configuration commands, one per line.  End with CNTL/Z. 
 +R1(config)#line console 0 
 +R1(config-line)#password certskills <-- sets password for line console 0. 
 +R1(config-line)#login  <-- Enables login prompt. 
 +</code> 
 + 
 + 
 +==== Secure Privilege Mode ==== 
 +  * Protect privileged mode for all devices using password “ccnaskills” while storing the password as an MD5 hash. 
 +<code> 
 +R1#conf t 
 +Enter configuration commands, one per line.  End with CNTL/Z. 
 +R1(config)#enable secret ccnaskills 
 +R1(config)#do sh run | i secret 
 +enable secret 5 $1$vjig$siLDrz4NPN2cOc8j8tAso0 
 +</code> 
 +==== Telnet Security ====  
 +  * Protect Telnet access by requiring username/password login. To that end, create a username ‘person’ with a password of ‘access’ using the most secure option to configure the user. 
 +<code> 
 +R1#conf t 
 +Enter configuration commands, one per line.  End with CNTL/Z. 
 +R1(config)#username person secret access 
 +R1(config)#line vty 0 15 
 +R1(config-line)#login local 
 +</code>
icnd1/login_security.1710418039.txt.gz · Last modified: 2024/03/14 12:07 by 114.119.141.71

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki