Packet Tracer – Configuring Secure Passwords and SSH
Addressing Table
Scenario
The network administrator has asked you to prepare RTA for deployment. Before it can be connected to the network, security measures must be enabled.
Requirements
· Configure IP addressing on PCA according to the Addressing Table.
· Console into RTA from the Terminal on PC-A.
· Configure IP addressing on RTA and enable the interface.
· Configure the hostname as RTA.
· Encrypt all plaintext passwords.
RTA(config)# service password-encryption
· Set a strong secret password of your choosing.
· Set the domain name to RTA.com (case-sensitive for scoring in PT).
RTA(config)# ip domain-name RTA.com
· Create a user of your choosing with a strong password.
RTA(config)# username any_user password any_password
· Generate 1024-bit RSA keys.
Note: In Packet Tracer, enter the crypto key generate rsa command and press Enter to continue.
RTA(config)# crypto key generate rsa
· Block anyone for three minutes who fails to log in after four attempts within a two-minute period.
RTA(config)# login block-for 180 attempts 4 within 120
· Configure the VTY lines for SSH access and use the local user profiles for authentication.
RTA(config)# line vty 0 4
RTA(config-line)# transport input ssh
RTA(config-line)# login local
· Save the configuration to NVRAM.
· Be prepared to demonstrate to your instructor that you have established SSH access from PCA to RTA.
Isomorph ID: 10
Instructions:
[alert-announce]

Router>enable
Router#configure terminal
Router(config)#interface gigabitEthernet0/0
Router(config-if)#ip add 192.168.10.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exitRouter(config)#hostname RTA
RTA(config)#service password-encryptionRTA(config)#enable secret cl@ss
RTA(config)#ip domain-name RTA.com
RTA(config)#username any_user password cisco
RTA(config)#crypto key generate rsa
How many bits in the modulus [512]: 1024RTA(config)#login block-for 180 attempts 4 within 120
RTA(config)#line vty 0 4
RTA(config-line)#transport input ssh
RTA(config-line)#login local
RTA(config-line)#exit
RTA(config)#exitRTA#copy running-config startup-config
[/alert-announce]