Telnet and Secure Shell (SSH) protocols have the same purpose. Both of them are used to communicate to a remote device. They are used mostly by network administrators to remotely access and manage devices such as routers, switches, servers.
Telnet is not secure because all the data would be sent in clear text including the passwords without authentication and encryption, but SSH is a secure protocol because it encrypts the data using authentication and encryption protocols.
SSH uses RSA for authentication , and encryption protocols such as DES and 3DES. The differences between telnet and SSH are shown in the table below
Telnet
|
SSH
|
Runs on port 23
|
Runs on port 22
|
No Authentication
|
With Authenticaion (public key)
|
No Encryption
|
With Encryption
|
Send data in plain text
|
Encrypts the data
|
Not secure
|
Secure
|
Configuring Telnet
R(config)#line vty 0 4
R(config-if)#password test!tariq
R(config-if)#login
R(config-if)#exit
Configuring SSH
1-you must have hostname and domain name configured on the router
R(config)#hostname tariq
tariq (config)#ip domain-name test.xwz
2-Create username and password in the router database
tariq(config)#username tariq privilege 15 secret tariq@123
3- Generate an RSA keypair with a key length of 1024 bits for authentication
tariq (config)#crypto key generate rsa modulus 1024
4-Enable login authentication against the local database of the router using the login local command and uses ssh protocol when logging in to a the terminal line using transport input ssh command.
tariq(config)#line vty 0 4
tariq (config-if)#login local
tariq (config-if)#transport input ssh
tariq (config-if)#exit
To show the version of ssh
tariq#sh ip ssh
To change the version of SSH from version 1 to version 2, since SSH-2 features both security and feature improvements over SSH-1. Better security, for example, comes through Diffie Hellman key exchange and strong integrity checking via message authentication codes.
tariq(config)#ip ssh version 2
The Client uses putty, Tera Term, SecureCrt and others to login into the router using telnet or ssh .
To access a router remotely from another router, use the command
R#ssh -l username IP-address
For more details about how to configure telnet and SSH, watch the video
For more videos, visit my channel on youtube
https://www.youtube.com/channel/UCl25WPPKY4jnkGf32DnXU5w
To get automatic updates on Facebook, join netsyshorizon group
https://www.facebook.com/groups/954180217947066/
To get automatic updates on Facebook, join netsyshorizon group
https://www.facebook.com/groups/954180217947066/
No comments:
Post a Comment