Skip to main content

SSH CONFIGURATION

 WHAT IS SSH

SSH OR SECURE SHELL IS A NETWORK COMMUNICATION PROTOCOL THAT ENABLES TWO COMPUTERS TO COMMUNICATE (C.F HTTP OR HYPERTEXT TRANSFER PROTOCOL.

WHICH IS THE PROTOCOL USED TO TRANSFER HYPERTEXT SUCH AS WEB PAGES) AND SHARE DATA.

SSH IS A A PROTOCOL SIMILAR TO THAT OF TALENT. IT'S ALSO USED TO REMOTELY ACCESS THE NETWORK DEVICES.

BUT IT IS MORE SECURE IN COMPARISON TELNET AND PROVIDES A CRYPTOGRAPHIC CONCEPT.

WHAT IS CRYPTOGRAPHY

CRYPTOGRAPHY IS A METHOD OF PROTECTING INFORMATION AND COMMUNICATIONS THROUGH THE USE OF CODES.

SO THAT ONLY THOSE FOR WHOM THE INFORMATION IS INTENDED CAN READ AND PROCESS IT.

_________________________

REQUIRMENT


1. WHICHEVER DEVICE YOU WANT TO CONFIGURE SSH ON THIS DEVICE.

MUST HAVE AN IP ADDRESS BECAUSE WHEN WE ACCESS THE DEVICE REMOTELY ACCESS THEY WILL DO IT BASED ON THE IP ADDRESS.

2. SSH IS CONFIGURE ON EVERY MODEL OF ROUTER AND SWITCH.

_____________________

CONFIGURATION

FIRST STEP

1. IP ADDRESS CONFIGURE  ON  A ROUTER.

2. SSH CONFIGURE ON ROUTER.

3. REMOTELY ACCESS SSH IN CLIENT PC

SECOND STEP

1. IP ADDRESS CONFIGURE ON SWITCH.

2. SSH CONFIGURE ON SWITCH.

3. REMOTELY ACCESS IN CLIENT LAPTOP.

_______________________


FIRST STEP

IP ADDRESS ON ROUTER 192.168.1.1

CLIENT PC IP ADDRESS IS 192.168.1.2 
_____________________

ROUTER



GO TO ROUTER CLI INTERFACE AND AFTER THIS CONFIGURATION MODE

IP ADDRESS ASSIGN A ROUTER

router(config)# inter gig0/0
router(config)#  ip address 192.168.1.1 255.255.255.0
router(config)#  no shutdown

SSH CONFIGURATION

router(config)#   hostname ssh-router
ssh-router(config)#  username manan password 1234
ssh-router(config)#   enable password ccna
ssh-router(config)#   ip domain name corvit
ssh-router(config)#   crypto key generate rsa 1024


The crypto key generate rsa command is used to generate an RSA key pair on a Cisco router. The RSA key pair is used for secure communication, such as SSH and IPsec.

To generate an RSA key pair, you will need to specify the following parameters:

  • Key modulus size: The size of the key modulus in bits. The key modulus size must be in the range of 360 to 2048 bits.
  • Key label: A label for the key pair. The key label is used to identify the key pair when using it for secure communication.

ENABLE SSH COMMAND

ssh-router(config)#  line vty 0 1
ssh-router(config)#  transport input ssh
ssh-router(config)#   login local

GO TO PC AND  ASSIGN A IP ADDRESS AND AFTE THIS CLICK THE "DESKTOP" AFTER THIS CLICK "Telnet / SSH Client"



AFTER THIS "Connection Types" SELECT A "SSH" AND GO TO DOWN BOX

ENTER THIS  ROUTER IP ADDRESS (192.168.1.1) AND GO TO DWON BOX 

ENTER THIS USERNAME OF ROUTER (manan)

SO FINALLY CLICK A "Connect" BUTTON




ENTER THE PASSWORD OF USERNAME (1234)

AFTER THIS ENTER HIS " enable "

ssh-router>enable

ENTER THE ENABL PASSWORD  " ccna  "

Password: ccna

FINALLY REMOTE ACCESS THE ROUTER

 ssh-router#

______________________

STEP 2

CONFIGURE THE IP ADDRESS OF SWITCH IN ROUTER IP ADDRESS RANGE

IP ADDRESS SWITCH IS 192.168.1.5 255.255.255.0

BUT NOT A SWITCH INTERFACE IP ADDRESS ASSSIGN RATHER ASSIGN A INTER VLAN OF SWITCH ASSIGN IP ADDRESS.


 SWITCH

GO TO SWITCH CLI INTERFACE AND AFTER THIS GO TO CONFIGURATION MODE AND ENTER THS COMMANDS

Switch(config)#inter vlan 1

Switch(config-if)#ip add

Switch(config-if)#ip address 192.168.1.5 255.255.255.0

Switch(config-if)#no sh


SSH CONFIGURATION

switch(config)#   hostname switch-ssh
switch-ssh(config)#  username wahab password 6789
switch-ssh(config)#   enable password hanan
switch-ssh(config)#   ip domain name loafology
switch-ssh(config)#   crypto key generate rsa 1024

ENABLE SSH COMMAND

switch-ssh(config)#  line vty 0 3
switch-ssh(config)#  transport input ssh
switch-ssh(config)#   login local

GO TO PC AND  ASSIGN A IP ADDRESS AND AFTE THIS CLICK THE "DESKTOP" AFTER THIS CLICK "Telnet / SSH Client"



AFTER THIS "Connection Types" SELECT A "SSH" AND GO TO DOWN BOX

ENTER THIS  ROUTER IP ADDRESS (192.168.1.5) AND GO TO DWON BOX 

ENTER THIS USERNAME OF ROUTER (wahab)

SO FINALLY CLICK A "Connect" BUTTON



ENTER THE PASSWORD OF USERNAME (6789)

AFTER THIS ENTER HIS " enable "

switch-ssh>enable

ENTER THE ENABL PASSWORD  " hanan  "

Password: hanan

FINALLY REMOTE ACCESS THE SWITCH

switch-ssh#


CONFIGURATION COMPLETED SSH SWITCH AND ROUTER

___________________________



Comments

Post a Comment

Popular posts from this blog

BRIDGE MODE AND NAT MODE AP

  BOTH BRIDGE MODE AND NAT MODE ARE WAYS TO CONFIGURE AN ACCESS POINT (AP) TO EXTEND A NETWORK, BUT THEY DIFFER IN HOW THEY HANDLE IP ADDRESSES AND NETWORK TRAFFIC: BRIDGE MODE: CONCEPT: ACTS AS A TRANSPARENT BRIDGE, SIMPLY RELAYING DATA BETWEEN WIRED AND WIRELESS DEVICES. IP ADDRESS: DEVICES OBTAIN THEIR IP ADDRESSES FROM AN UPSTREAM DHCP SERVER, TYPICALLY THE MAIN ROUTER ON THE NETWORK. NETWORK TRAFFIC: ALL DEVICES, BOTH WIRED AND WIRELESS, ARE SEEN AS PART OF THE SAME NETWORK AND CAN DIRECTLY COMMUNICATE WITH EACH OTHER. BENEFITS: SEAMLESS ROAMING: DEVICES CAN EFFORTLESSLY SWITCH BETWEEN APS WITHOUT LOSING THEIR IP ADDRESS OR CONNECTION. SIMPLIFIED NETWORK MANAGEMENT: ALL DEVICES ARE ON THE SAME SUBNET, MAKING CONFIGURATION AND TROUBLESHOOTING EASIER. INCREASED COMPATIBILITY: WORKS WITH DEVICES THAT DON'T SUPPORT NAT TRAVERSAL (E.G., SOME VPN CLIENTS). DRAWBACKS: LESS SECURITY : ALL DEVICES ARE DIRECTLY EXPOSED TO EACH OTHER, POTENTIALLY INCREAS
Post a Comment
Read more

What Is A Ip Excluded Address

  AN IP EXCLUDED ADDRESS IS AN IP ADDRESS THAT HAS BEEN CONFIGURED ON A DHCP SERVER TO BE EXCLUDED FROM THE POOL OF ADDRESSES THAT CAN BE ASSIGNED TO DHCP CLIENTS.  THIS IS TYPICALLY DONE TO RESERVE IP ADDRESSES FOR SPECIFIC DEVICES, SUCH AS PRINTERS, SERVERS, OR OTHER NETWORK DEVICES THAT NEED TO HAVE A STATIC IP ADDRESS. IP EXCLUDED ADDRESSES CAN ALSO BE USED TO PREVENT DHCP CLIENTS FROM RECEIVING IP ADDRESSES THAT ARE ALREADY IN USE BY OTHER DEVICES ON THE NETWORK.  THIS CAN HELP TO AVOID IP ADDRESS CONFLICTS AND IMPROVE NETWORK PERFORMANCE. TO CONFIGURE AN IP EXCLUDED ADDRESS ON A DHCP SERVER, YOU WILL NEED TO KNOW THE IP ADDRESS THAT YOU WANT TO EXCLUDE. ONCE YOU HAVE THE IP ADDRESS, YOU CAN USE THE APPROPRIATE DHCP SERVER CONFIGURATION COMMANDS TO ADD THE IP ADDRESS TO THE EXCLUSION LIST. SOME EXAMPLES OF WHEN YOU MIGHT WANT TO USE IP EXCLUDED ADDRESSES: TO RESERVE AN IP ADDRESS FOR A SPECIFIC DEVICE, SUCH AS A PRINTER OR SERVER. TO PREVENT DHCP CLIENTS FROM RECEIVING I
Post a Comment
Read more

DOS AND DDOS ATTACK

A Dos (Denial-Of-Service) Attack and A DDOS (Distributed Denial-Of-Service) Attack Are Both Attempts to Make a Computer System or Network Resource Unavailable to Legitimate Users. However, They Differ in How They Achieve This: Dos Attack: Imagine A Single Person Throwing Rocks at A Castle Gate. A This Person Represents the Attacker, And the Rocks Represent the Malicious Traffic. The Castle Gate Represents the Target System or Network Resource. The Attacker Keeps Throwing Rocks, Trying to Overwhelm the Gate's Defenses and Gain Entry. Dos Attacks Are Typically Launched from A Single System. They Can Be Effective Against Small Systems or Networks, But Larger Systems Can Often Withstand Them. DDos Attack: Imagine An Army Throwing Rocks at A Castle Gate. This Army Represents the Attacker, And the Rocks Represent the Malicious Traffic. The Castle Gate Represents the Target System or Network Resource. The Attackers Coordinate Their Attack, Throwing Rocks from Multiple Directions at Once.
Post a Comment
Read more