Setting up SSH, what command am I missing

pinkiaiii Member Posts: 216
Anyway, I'm preparing for the semester 1 exam and one of the tasks will be to configure SSH and protection for it.
Those are the first commands I use, then I configure the console and vty lines with passwords, login local, exec-timeout, but when I try to SSH into the router through cmd in Packet Tracer it asks me for a password, and once I input that I straight away get into privileged-exec mode # instead of user-exec >

The commands, as said, are below. Any input is appreciated, since it's my first post here.


enable
config t
banner motd #
************************
no unauthorized access

************************#
hostname R1
no ip domain-lookup

ip domain-name CCNA-lab.com
username admin privilege 15 secret cisco19999
crypto key generate rsa general-keys modulus 1024
security passwords min-length 10

Comments

  • OctalDump Member Posts: 1,722
    Is it because you have created your user "admin" with a privilege level of 15? That would mean that user has enable privilege by default.

    Can you show the output of your vty lines?
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • TWX Member Posts: 275
    Correct, defining privilege level for the user as fifteen means that the user is in privileged exec mode on logging in.

    Create another user without specifying privilege level and you'll come in at user exec.
  • pinkiaiii Member Posts: 216
    Thank you for the responses. Yeah, on the papers we were given privilege, but no one really cared to explain why, or which levels grant what access.
    All my passwords would have been set as username admin privilege 15 password xxxx login local.

    Now the second issue I have in Packet Tracer, since I have no real lab at home, is that when I create different VLSMs, say /27 then /28, and run simulations, I can't ping different subnets, and in most cases the router won't even forward packets into another subnet. It works fine if, say, all subnets belong to /25, but if I add another one with /26 I can ping only PCs connected within the switch and the router won't even forward them. That's without using any routing protocols, and as far as I know RIPv1 doesn't support VLSM, so would that seem correct?
    As the course I'm doing is part time and is really rushed, lecturers just fly through the netacad files and the rest is basically learn from the book, since we only started subnetting and VLSM two weeks ago and already we have the first semester exam.
  • TWX Member Posts: 275
    If I am remembering correctly RIP version 1 does not support VLSM while RIP version 2 does support it. RIP was basically glossed-over in the curriculum for the course I took, its existence was mentioned, its falling into the category of distance-vector was mentioned, and its limitations (hop count without any consideration for bandwidth, delay, or any other factors, poor timing, lack of true convergence compared to EIGRP and OSPF) were also mentioned. We did no configuration of RIP at all, jumping right in with OSPF as our first routing protocol.
  • pinkiaiii Member Posts: 216
    Thanks man, that explains a lot. I think it's more in semester 2, when we start connecting different networks, that all of it will be covered.

    The only issues now are with SSH. I did remove the privilege, so when doing SSH I seem to get two scenarios: one where I get into user-exec mode and can't enter a password or it says it's not set, or I enter the SSH crypto generated password without privileges and get into global exec. It seems I'm missing the order in which I input commands. Here's a list of how I do them:

    enable
    config t
    banner motd #
    ************************
    no unauthorized access

    ************************#
    hostname R1
    no ip domain-lookup

    ip domain-name CCNA-lab.com
    username admin password cisco19999
    crypto key generate rsa general-keys modulus 1024
    security passwords min-length
    login block-for 30 attempts 2 within 120

    line con 0
    password cisco12344
    exec-timeout 5 0
    login local
    exit

    line vty 0 4
    transport input ssh
    password cisco56788
    exec-timeout 5 0
    login local

    interface g0/0
    ip address 192.168.1.1 255.255.255.0
    des r1 to switch1
    no shutdown

    That's the usual order I'd do stuff in, but as said, the results are either user or global mode, not asking for one and then the other after, using a 1941 router and a 2960 switch. Also, the switch won't take some of the commands, like min password length and login block attempts.

    So any feedback is really appreciated on where I'm going wrong with this.

    I managed to do OK on the pretest exam but am lacking a lot in router messages and general IPv4/IPv6 understanding, and this puts a good bit of pressure on, since as said the course is part time and with a class of over 20 people the lecturers are little to no help. Even though it might sound basic, a lot of the stuff that we get is written down and the rest is go figure.
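
Added example, not part of the original thread: a small Python check over typed IOS commands that flags the login behaviours discussed above (a privilege 15 user landing at `#`, a line password that `login local` never consults, and no enable secret for a privilege-1 user to reach `#`). The finding codes, the `HARDENED` listing and its enable secret value are assumptions made for this illustration.

```python
# Constructed input: the authentication lines of the thread's second listing.
THREAD_CONFIG = """\
username admin password cisco19999
line vty 0 4
transport input ssh
password cisco56788
login local
"""
# Constructed counterpart (assumed values): hashed secrets and an enable secret.
HARDENED = """\
enable secret ExampleEnable1
username admin secret cisco19999
line vty 0 4
transport input ssh
login local
"""
def audit(config):
    """Return sorted finding codes (names invented here) for typed IOS commands."""
    found, mode, lines, has_enable = set(), None, {}, False
    for raw in config.splitlines():
        words = raw.lower().split()
        cmd = " ".join(words)
        if words[:1] == ["line"]:
            mode = cmd
            lines[mode] = []
        elif cmd in ("exit", "end") or words[:1] == ["interface"]:
            mode = None
        elif words[:1] == ["username"] and len(words) > 2:
            opts = words[2:]
            kind = next((w for w in opts if w in ("secret", "password")), None)
            head = opts[:opts.index(kind)] if kind else opts
            if head[:2] == ["privilege", "15"]:
                found.add("PRIV15_USER")           # lands at # right after login
            if kind == "password":
                found.add("CLEARTEXT_USER")        # not hashed; 'secret' is
        elif words[:2] in (["enable", "secret"], ["enable", "password"]):
            has_enable = True
        elif mode:
            lines[mode].append(cmd)
    if not has_enable:
        found.add("NO_ENABLE_SECRET")              # 'enable' over vty is refused
    for name, cmds in lines.items():
        if "login local" in cmds and any(c.startswith("password ") for c in cmds):
            found.add("LINE_PASSWORD_UNUSED")      # login local uses usernames
        if name.startswith("line vty") and "transport input ssh" not in cmds:
            found.add("VTY_NOT_SSH_ONLY")
    return sorted(found)
if __name__ == "__main__":
    print(audit(THREAD_CONFIG), audit(HARDENED))
```

Run against the thread's first listing, the same check reports `PRIV15_USER`, which is the behaviour OctalDump and TWX describe.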