Search

How to configure passwords to secure Cisco Router



How to limit password length on Cisco router.
r1(config)#security passwords min-length 9

r1(config)#username satish password redhat

% Password too short - must be at least 9 characters. Password not configured.

r1(config)#username satish password redhat123456

Now you can see you cannot assign password whose lenght is less than 9 character.
How to password protect Console Port.

To configure the console password, follow these steps.

Router(config)# line console 0
 Router(config-line)# password CISCO
 Router(config-line)# login
 Router(config-line#Ctrl-Z
 Router#
How to password protect Auxilary (AUX Port) Port

To configure the auxilary password, follow these steps.

Router#config t
 Router(config)#line aux 0
 Router(config-line)#password cisco
 Router(config-line)#login
 Router(config-line)# Ctrl-Z
 Router#
How to password protect VTY Ports (Telnet Ports)

Configuring the VTY password is very similar to doing the Console and Aux ones. The only difference is that there are 5 VTY virtual ports, which are named 0, 1, 2, 3, and 4. You can use the shortcut 0 4 (a zero, a space, and 4) to set all 5 passwords at the same time.

To configure the VTY password, follow these steps.
Router#config t
 Router(config)#line vty 0 4
 Router(config-line)#password cisco
 Router(config-line)#login
 Router(config-line)# Ctrl-Z
 Router#
How to password protect Privileged Mode

The Enable Password is the old form of the password for “Privileged Mode”. Here the password is stored un-encrypted.

Router#config t
 Router(config)#enable password cisco
 Router(config-line)# Ctrl-Z
 Router#
Enable Secret provides better security since password is kept encrypted.
Router#config t
 Router(config)#enable secret cisco
 Router(config-line)# Ctrl-Z
 Router#

Encrypting Passwords

You want to encrypt passwords so that they do not appear in plain-text in the router configuration file.

To enable password encryption on a router, use the service password-encryption configuration command:

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#enable password ccna123
Router(config)#line vty 0 4
Router(config-line)#password ccna
Router(config-line)#line con 0
Router(config-line)#password linux
Router(config-line)#line aux 0
Router(config-line)#password hacking
Router(config-line)#exit
Router(config)#service password-encryption
Router(config)#end
Router#

For more depth analysis visit SOURCE : 1 An Ethical hacker should know the penalties of unauthorized hacking into a system. Read more at: Legality and Ethics #ciscopackettracer #ciscoswitch #networking #virtualassistant #virtualsimulation #ccna #ccnacertification #cisco #learningatcisco #icnd2 #ospf #routingandswitching #ciscocert #labeveryday #crimping #rj45 #cabling #infrastructure #subnetting #ping #tracert #cmd #ibm #mikrotik #serverlife #routing #switching #fibre #ipv4 #shell ********************************************************************************************************************* For more tricks and update over hacking stay tuned to our site: Note 4 Tech