Here you can get the detailed information on Computers and Technology . Know the complete reviews and tips on Computers and Technology our articles are very clearly written posts that any one can understand. So learn more about Computers and Technology . read all blogs for get complete details......

Friday, December 26, 2008

How to Configure SSH (Secure Shell) For Remote Login on a Cisco Router

Prior to the introduction of SSH in the Cisco IOS, the only remote login protocol was Telnet. Although quite functional, Telnet is a non-secure protocol in which the entire session, including authentication, is in clear text and thus subject to snooping.

SSH is both a protocol and an application that replaces Telnet and provides an encrypted connection for remote administration of a Cisco network device such as a router, switch, or security appliance.

The Cisco IOS includes both an SSH server and an SSH client. This document is concerned only with the configuration of the SSH server component.

Prerequisites

Software

The SSH server component requires that you have an IPSec (DES or 3DES) encryption software image from Cisco IOS Release 12.1(1)T or later installed on your router. Advanced IP services images include the IPSec component. This document was written using c2800nm-advipservicesk9-mz.123-14.T5.bin.

Pre-configuration

You must configure a hostname and a domain name on your router. For example:

router#
router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
router01(config)#hostname router01
router01(config)#ip domain-name domain.local

You must also generate an RSA keypair for your router which automatically enables SSH. In the following example, note how the keypair is named for the combination of hostname and domain name that were previously configured. The modulus represents the key length. Cisco recommends a minimum key length of 1024 bits (even though the default key length is 512 bits):

router01(config)#
router01(config)#crypto key generate rsa
The name for the keys will be: router01.domain.local
Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys ...[OK]

Finally, you must either use an AAA server such as a RADIUS or TACACS+ server or create a local user database to authenticate remote users and enable authentication on the terminal lines. For the purpose of this document, we'll create a local user database on the router. In the following example, the user "donc" was created with a privilege level of 15 (the maximum allowed) and given an encrypted password of "p@ss5678". (The command "secret" followed by "0" tells the router to encrypt the following plaintext password. In the router's running configuration, the password would not be human readable.) We also used line configuration mode to tell the router to use its local user database for authentication (login local) on terminals lines 0-4.

router01(config)#username donc privilege 15 secret 0 p@ss5678
router01(config)#line vty 0 4
router01(config-line)#login local

Enabling SSH

To enable SSH, you must tell the router which keypair to use. Optionally, you can configure the SSH version (it defaults to SSH version 1), authentication timeout values, and several other parameters. In the following example, we told the router to use the previously created keypair and to use SSH version 2:

router01(config)#
router01(config)#ip ssh version 2
router01(config)#ip ssh rsa keypair-name router01.domain.local

You can now log on to your router securely using an SSH client such as TeraTerm.

Viewing SSH Configurations and Connections

You can use the privileged mode commands "view ssh" and "view ip ssh" to view SSH configurations and connections (if any). In the following example, the SSHv1 configuration from a Cisco 871 router is verified using "show ip ssh" and a single SSHv1 connection is displayed using the command "show ssh". Notice that we did not enable SSHv2 on this router, so it defaulted to SSH version 1.99. Also note in the output of the "show ssh" command that SSH version 1 defaults to 3DES. SSHv2 supports AES, a more robust and efficient encryption technology. SSHv2 is also not subject to the same security exploits as SSHv1. Best practice recommends the use of SSHv2 and disabling a dropback to SSHv1. Enabling SSHv2 disables SSHv1. This example is included only to demonstrate backwards compatibility:

router04#
router04#show ip ssh
SSH Enabled - version 1.99
Authentication timeout: 120 secs; Authentication retries: 3
router04#
router04#show ssh
Connection Version Encryption State Username
2 1.5 3DES Session started donc
%No SSHv2 server connections running.
router04#



Article Source: http://EzineArticles.com/?expert=Don_R._Crawley

Considering Purchasing a New Computer - 5 Tips to Better Computing

I consider myself pretty knowledgeable when it comes to purchasing computers and in all my interaction with people and computer related issues I always try to explain things as simply as possible. Sort of like the line in an old movie where the attorney asks the person he is cross examining to "explain it to me like I'm a baby".

So when it comes to purchasing a computer here are 5 tips that will help make your computing experience better.

1. Always check the specifications of the software you are going to run to determine the type of computer requirements you will need. Software specifications always dictate hardware requirements. Most people go out and buy the computer first then spend time trying to upgrade the machine to work with the software.
2. Buy the most current CPU you can afford (whether it be a desktop or notebook). If the software requires a certain processor speed (ex. 1.4Ghz) usually the next speed up can be purchased for a few dollars more.
3. Get as many of the whistles and bells you can on the front side as opposed to the back side even if you don't think you're going to need them at the time of purchase. It's usually easier and cheaper to upgrade memory, hard drive size, DVD writers, sound cards, video cards, etc. at the time of purchase than to have them added later down the road. A good example may be a 200Gb hard drive that can be upgraded at the time of purchase to a 250Gb drive for an additional $15. If you waited and upgraded at a later date when you started to running low on available disk space, because you began using your computer to store videos, music files and games, it would cost considerably more than $15 factoring in the cost of the new drive, having your current data backed up, having the new drive installed and finally having the data restored to the new drive.
4. Consider the extended warranty. Most consumer computers (those not specifically designed for corporate/business use) come with a standard 1 year warranty. The average life of a computer is generally 3 -5 years. Consider purchasing an extended warranty to cover the computer for at least 3 years. These can generally be purchased for $35-$50 a year.
5. If you don't already own antivirus and spyware software make sure you purchase, install and keep current on your computer.

Because computers have begun to play a more integral part in our lives, a few common sense practices at purchase time can go a long way in creating an enjoyable computing experience.



Article Source: http://EzineArticles.com/?expert=Reginald_Givhan