Friday, March 6, 2015

Difference between telnet and ssh - Telnet and SSH Configuration - Telnet Vs SSH

Telnet and Secure Shell (SSH) protocols have the same purpose. Both of them are used to communicate to a remote device. They are used mostly by network administrators to remotely access and manage devices such as routers, switches, servers.

Telnet is not secure because all the data would be sent in clear text including the passwords without authentication and encryption, but SSH is a secure protocol because it encrypts the data using authentication and encryption protocols.

SSH uses RSA for authentication , and encryption protocols such as DES and 3DES. The differences between telnet and SSH are shown in the table below

Telnet
SSH
Runs on port 23
Runs on port 22
No Authentication
With Authenticaion (public key)
No Encryption
With Encryption
Send data in plain text
Encrypts the data
Not secure
Secure

Configuring Telnet

R(config)#line vty 0 4
R(config-if)#password test!tariq
R(config-if)#login
R(config-if)#exit

Configuring SSH

1-you must have hostname and domain name configured on the router
R(config)#hostname tariq
tariq (config)#ip domain-name test.xwz
2-Create username and password in the router database
tariq(config)#username tariq privilege 15 secret tariq@123
3- Generate an RSA keypair with a key length of 1024 bits for authentication
tariq (config)#crypto key generate rsa modulus 1024
4-Enable login authentication against the local database of the router using the login local command and uses ssh protocol when logging in to a the terminal line using transport input ssh command.
tariq(config)#line vty 0 4
tariq (config-if)#login local
tariq (config-if)#transport input ssh
tariq (config-if)#exit

To show the version of ssh
tariq#sh ip ssh

To change the version of SSH from version 1 to version 2, since  SSH-2 features both security and feature improvements over SSH-1. Better security, for example, comes through Diffie Hellman key exchange and strong integrity checking via message authentication codes.
tariq(config)#ip ssh version 2

The Client uses putty, Tera Term, SecureCrt and others to login into the router using telnet or ssh .

To access a router remotely from another router, use the command
R#ssh -l username IP-address




For more details about how to configure telnet and SSH, watch the video

For more videos, visit my channel on youtube

No comments:

Post a Comment