Anyone know when inband communication with Cisco routers and switches will be encrypted by default? I am referring to the use of SSH and SCP as a replacement for Telnet and FTP/TFTP.

Thanks for the info. I used Putty as client to connect from PC to router. What CLI do I use to connect from one router to the another router?

TIA

-- Tho Tran --

You can use

ssh

there are a few options you can use with ssh from a router to a router, i can't remeber them at the moment, i think "ssh -l des" specificies the cipher

best to enter "ssh ?" from the cli

HTH

Paddy

Paddy,

Do I need to do this for both routers? Why do we need domain-name (just curious)?

--Tho Tran --

#ip domain-name

then create your key

#crypto key gen rsa

then allow telnet to your vty lines and perhaps disable telnet.

#line vty 0 4

#transport input ssh

You would need to do this on both routers.

The simple answer about why you need the domain name is that generating RSA keys requires a domain name and you can not generate keys until you configure a domain name. Explaining why RSA requires a domain name to generate keys is quite complicated and has to do with how they identify the key contents.

HTH

Rick

Everything is up and running. Thanks all for your help but I have one small question. It doesn't prompt username but password instead when I ssh from router to router but it prompt username when I use Putty from PC. It is kindda odd.

-- Tho Tran --