GNS3 LAB: Configure SSH on cisco router

Posted By: Vivek Kathayat - 11:36
CONFIGURE SSH ON CISCO ROUTER 


DESCRIPTION 

 [+] In this tutorial, you will learn about the SSH.
[+] First the network design.
[+] Second we cover all the steps of configuring ssh.
[+] Third we access router through SSH.
[+] We also see some of the commands that are helpful for us.
[+] This is not the end, now we enumerate the ssh protocol using nmap tool.
[+] At last we will see how to configure the sshv2 on cisco router and see the nmap scanning result one more time.

NETWORK SCENARIO

  • This is our network scenario,  We use GNS3, one router, one virtual machine, create a 10.0.0.0 network. 
  • See the below image for more help-



CHANGE THE HOSTNAME 

 R1(config)#hostname router2

router2(config)#


 SET DOMAIN NAME 
router2(config)#ip domain-name hackingdna.com

GENERATE RSA CERTIFICATE

 In this step we generate rsa keys that will use in SSH process.

Command

 router2(config)#crypto key generate rsa general-keys modulus 1024
router2(config)#end
router2#

CONFIGURE TRANSPORT INPUT PROTOCOLS ON VTY LINES

router2(config)#line vty 0 4
router2(config-line)#login local
router2(config-line)#end
router2#

CREATE USER 

router2(config)#username admin privilege 15 secret password
router2(config)#end
router2#

CONFIGURE INTERFACE

router2(config)#int f0/0
router2(config-if)#ip add 10.0.0.1 255.0.0.0
router2(config-if)#no shut
router2(config-if)#exit
router2(config)#

CONFIGURE DHCP POOL

router2(config)#ip dhcp pool networkdna
router2(dhcp-config)#network 10.0.0.0
router2(dhcp-config)#dns-server 10.0.0.1
router2(dhcp-config)#default-router 10.0.0.1
router2(dhcp-config)#exit

ACCESS ROUTER USING SSH 


SHOW SSH COMMAND 


SMALL ASSESSMENT THROUGH NMAP TOOL

NMAP RESULT
  • We perform a stealth scan using nmap to see the open ports on a cisco device.
  • See the below image, it shows that port 22 (SSH) and port 23(TELNET) are opened.

VERSION SCAN RESULT 
  • Observe the below image, this scan will give some extra information i.e it's showing SSH version information which is very helpful for every enumeration process.
  • Remember: The more information you collect, more good for your VAPT process.

SCRIPT SCAN 
  • In this scan observe sshv1 detected by nmap.
  • See the below image for more help:

CONFIGURE SSH VERSION 2 

COMMAND
router2(config)#ip ssh version 2
router2(config)#exit
router2#

AFTER CONFIGURE SSH VERSION 2


AT THE END 

I hope this tutorial will help lots of young people who are new to information security.
Lots more tutorials are still to come. Keep following us.
If you like this tutorial you can join us through our facebook channels. Links are below.

THIS TUTORIAL IS JUST FOR EDUCATIONAL PURPOSES ONLY/-

Filled Under

About Vivek Kathayat

Organic Theme is officially developed by Templatezy Team. We published High quality Blogger Templates with Awesome Design for blogspot lovers.The very first Blogger Templates Company where you will find Responsive Design Templates.

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Copyright © 2015 NetworkingDNA

Designed by Templatezy | Distributed By Gooyaabi Templates