How to disable Telnet and enable SSH

Photogregor

Hi,

On a 2960-S I found that SSH was not enabled, or at least not properly configured. I could only log in via console and Telnet. The one and only thing I then changed in the running config was to add "transport input ssh2" to the section "line vty 0 4". But what happens now is that I cannot log in via Telnet either. Only console login is left. I tried to figure it out, but this password / encryption stuff at Cisco is an impervious jungle to me and I don't want to lock myself out of this switch.

If anyone has any advice for me, please see the running config below. The goal is to have encrypted (non-readable) passwords, the same for SSH and console, and no Telnet.

Thanks a lot,
Stefano

Switch#sh run
Building configuration...

Current configuration : 4181 bytes
!
! Last configuration change at 14:28:06 UTC Fri Jul 29 2016
! NVRAM config last updated at 09:32:16 UTC Fri Jul 1 2016
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 $1$gfBh$F03uIBpoiUPOIu897$JKZ13IUh
enable password xyz
!
username admin privilege 15 password 0 xyz
!
!
no aaa new-model
clock timezone UTC 1
!
!
!
!
crypto pki trustpoint TP-self-signed-2957533696
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2957533696
revocation-check none
rsakeypair TP-self-signed-2957533696
!
!
crypto pki certificate chain TP-self-signed-2957533696
certificate self-signed 01
3082024C 308201B5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
.
.
.
quit
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
interface FastEthernet0
no ip address
!
interface GigabitEthernet0/1
description Firewall eth8
switchport access vlan 2
!
interface GigabitEthernet0/2
description Accelerator 1/1
switchport access vlan 2
!
interface GigabitEthernet0/3
switchport access vlan 2
!
interface GigabitEthernet0/4
description BackupLink fa0/3
switchport access vlan 2
!
interface GigabitEthernet0/5
switchport access vlan 2
!
interface GigabitEthernet0/6
switchport access vlan 2
!
interface GigabitEthernet0/7
switchport access vlan 3
!
interface GigabitEthernet0/8
switchport access vlan 3
!
interface GigabitEthernet0/9
switchport access vlan 3
!
interface GigabitEthernet0/10
switchport access vlan 3
!
interface GigabitEthernet0/11
switchport access vlan 3
!
interface GigabitEthernet0/12
switchport access vlan 3
!
interface GigabitEthernet0/13
switchport access vlan 4
!
interface GigabitEthernet0/14
switchport access vlan 4
!
interface GigabitEthernet0/15
switchport access vlan 4
!
interface GigabitEthernet0/16
switchport access vlan 4
!
interface GigabitEthernet0/17
switchport access vlan 4
!
interface GigabitEthernet0/18
switchport access vlan 4
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
description Management
switchport mode access
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface Vlan1
ip address 192.168.1.4 255.255.255.0
!
interface Vlan4
no ip address
!
interface Vlan99
no ip address
!
ip default-gateway 192.168.1.1
ip http server
ip http secure-server
snmp-server community Rest RO
snmp-server community Full RW
!
line con 0
line vty 0 4
password xyz
login
transport input ssh
line vty 5 15
password xyz
login
transport input ssh
!
end

Switch#


10 Replies

Here is a guide for enabling SSH on your switch:

https://supportforums.cisco.com/document/12338141/guide-better-ssh-security

Hi,

thanks for the input. OK, if I do what is proposed in that link, it would look like this (my IOS version is 12.2):

rtr(config)#crypto key generate rsa label SSH-KEY modulus 2048
rtr(config)#ip ssh rsa keypair-name SSH-KEY
rtr(config)#ip ssh version 2
rtr(config)#ip ssh dh min size 2048
rtr(config)#line vty 0 4
rtr(config-line)#transport input ssh
!
rtr(config)#username USER password PASS
rtr(config)#username USER algorithm-type sha256 secret VERYSECUREPASSWORD
rtr(config)#username USER secret VERYSECUREPASS
!

Would these settings not interfere or collide with the current settings? My fear is getting locked out or being forced to do a password reset, which would cause some trouble here.

What I do not understand is the need to give users two passwords. In our case there is only one password for network devices, so I would need to "invent" a second one, but for what purpose? I understand the difference between the enable and the config password; is that what is meant above?

Last question: Are both passwords ("PASS" and "VERYSECUREPASS") encrypted if someone does a "show run"?

Thanks for your patience,
Stefano

rtr(config)#username USER password PASS
rtr(config)#username USER algorithm-type sha256 secret VERYSECUREPASSWORD
rtr(config)#username USER secret VERYSECUREPASS

You only configure one or the other. The first command would configure a cleartext password (which could be hidden with "service password-encryption"). The second command configures the user with the password that is hardest to crack, but your IOS won't support that command. The third command configures the password as an MD5 hash. That is what you want to use.

(Seems I have to rewrite that section on passwords a little bit more clearly)

Thanks to all of you, I did not expect so much engagement for beginner questions. That was excellent for my understanding, and with that I was finally able to set up what is needed (with fewer commands than expected):

no ip domain-lookup
interface Vlan1
 ip address 192.168.1.2 255.255.255.0
 no shutdown
!
ip default-gateway 192.168.1.1
!
ip domain-name test.com
crypto key generate rsa general-keys modulus 2048
! the old system does not allow more than 2048
!
username admin secret xyz
enable secret xyz
!
line vty 0 4
 login local
 transport input ssh
!
line con 0
 login local

After that I could indeed log in only via console or SSH, a user password and an enable password were set, and both were "view protected".

Regards,
Stefano
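As an added example (not part of the thread, and not Cisco's code), here is a small Python audit that runs over two constructed running-configs: one modelled on the "show run" posted in the question, and one on the final configuration posted just above as "show run" would display it. It flags the points the replies make: type-0 passwords printed in the clear, "enable password" left beside "enable secret", line passwords with plain "login", VTY transports that still admit Telnet, and a missing "ip ssh version 2". The "after" sample assumes that "line vty 5 15" kept its earlier settings, since the final snippet only touches vty 0 4; hashes and passwords are placeholders.

```python
"""Audit IOS 'show run' text for the Telnet and cleartext-password issues discussed in this thread."""
import re

# Constructed from the running-config posted in the question (hash and passwords are placeholders).
CONFIG_BEFORE = """\
version 12.2
no service password-encryption
hostname Switch
enable secret 5 $1$salt$placeholderhash
enable password xyz
username admin privilege 15 password 0 xyz
no aaa new-model
line con 0
line vty 0 4
 password xyz
 login
 transport input ssh
line vty 5 15
 password xyz
 login
 transport input ssh
end
"""

# Constructed from the final configuration posted above, as 'show run' would display it.
# Assumption: 'line vty 5 15' kept its earlier settings, since the fix only touched vty 0 4.
CONFIG_AFTER = """\
version 12.2
no service password-encryption
hostname Switch
ip domain-name test.com
enable secret 5 $1$salt$placeholderhash
username admin secret 5 $1$salt$placeholderhash
no aaa new-model
line con 0
 login local
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 password xyz
 login
 transport input ssh
end
"""


def parse(config):
    """Split show-run text into top-level commands and 'line ...' blocks.
    IOS indents sub-commands by one space, which is what this keys on."""
    top, blocks, current = [], {}, None
    for raw in config.splitlines():
        text = raw.strip()
        if not text or text == "!":
            continue
        if raw.startswith(" ") and current is not None:
            blocks[current].append(text)
        elif text.startswith("line "):
            current = text
            blocks[current] = []
        else:
            current = None
            top.append(text)
    return top, blocks


def audit(config):
    """Return a list of (code, where, message) findings."""
    top, blocks = parse(config)
    findings = []
    if "no service password-encryption" in top:
        findings.append(("CLEARTEXT_DISPLAY", "global",
                         "type-0 passwords are printed verbatim in 'show run'"))
    if any(cmd.startswith("enable password ") for cmd in top):
        findings.append(("ENABLE_PASSWORD", "global",
                         "'enable password' present; remove it and keep only 'enable secret'"))
    for cmd in top:
        m = re.match(r"username (\S+) .*?\bpassword(?: (\d))? \S+$", cmd)
        if m:
            findings.append(("USERNAME_PASSWORD", m.group(1),
                             f"type-{m.group(2) or '0'} password; use 'username {m.group(1)} secret ...'"))
    if "ip ssh version 2" not in top:
        findings.append(("SSH_VERSION", "global",
                         "'ip ssh version 2' not set; SSHv1 may still be negotiated"))
    for name, cmds in blocks.items():
        if not name.startswith("line vty"):
            continue
        transport = next((c for c in cmds if c.startswith("transport input")), None)
        if transport is None:
            findings.append(("VTY_TELNET", name, "no 'transport input'; the default is not SSH-only"))
        elif set(transport.split()) & {"telnet", "all"}:
            findings.append(("VTY_TELNET", name, f"'{transport}' still permits Telnet"))
        if "login" in cmds:  # bare 'login' = shared line password, not 'login local'
            findings.append(("VTY_SHARED_PASSWORD", name,
                             "line password with plain 'login'; use 'login local' and a username secret"))
    return findings


if __name__ == "__main__":
    for label, cfg in (("before", CONFIG_BEFORE), ("after", CONFIG_AFTER)):
        print(f"== {label} ==")
        for code, where, msg in audit(cfg):
            print(f"{code:20} {where:14} {msg}")
```

Run against the "after" sample it still reports vty 5 15 and the missing "ip ssh version 2", which is the kind of leftover a practitioner wants to catch before closing the ticket: the change to vty 0 4 alone does not cover the other eleven VTY lines.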

What Karsten just said is correct. You would only need the last command (as you wouldn't want to have plain-text passwords in your config). Service password-encryption can be used to hide the plain-text password, but that is still insecure. You should always use the secret commands.

The rest of your configuration should work. You don't actually need the "ip ssh dh min size 2048" command. It will work without it.

What you do need to do before you configure SSH is configuring a hostname and a domain name on the switch. So the following should be done:

hostname SOMEHOSTNAME

ip domain name SOMEDOMAINNAME.COM

If you're afraid that your config will lock you out you can schedule a reboot with the "reload in" or "reload at" command. If the configuration you applied works you can cancel the reboot with the "reload cancel" command. 
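To make concrete why the reply above calls "service password-encryption" still insecure: IOS type 7 is a fixed-key XOR, so anyone who can read "show run" can recover the plaintext without any secret. The following is an added Python example, not from the thread and not Cisco's code; the key table is the long-public one, and the sample lines are constructed (the string 094F471A1A0A is the textbook type-7 encoding of "cisco").

```python
"""Why 'service password-encryption' hides but does not protect: IOS type-7 strings are
a fixed-key XOR that anyone can reverse.  Added example, not from the thread or from Cisco."""
import re

# The fixed key table used by IOS type-7 obfuscation; it has been public for decades.
XLAT = "dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv9873254k;fg87"


def type7_encode(plaintext, seed=9):
    """Produce what 'service password-encryption' stores: a 2-digit seed (start offset
    into XLAT) followed by the hex of plaintext XOR key-stream."""
    if not 0 <= seed < len(XLAT):
        raise ValueError("seed must be within the key table")
    out = bytes(ord(c) ^ ord(XLAT[(seed + i) % len(XLAT)]) for i, c in enumerate(plaintext))
    return f"{seed:02d}{out.hex().upper()}"


def type7_decode(encoded):
    """Recover the plaintext: no secret is involved, only the public key table."""
    seed, body = int(encoded[:2]), bytes.fromhex(encoded[2:])
    return bytes(b ^ ord(XLAT[(seed + i) % len(XLAT)]) for i, b in enumerate(body)).decode()


# How IOS labels stored credentials, and what each label means to someone holding 'show run'.
PASSWORD_TYPES = {
    "0": "cleartext",
    "5": "salted MD5-crypt ($1$): not reversible, but offline-crackable",
    "7": "fixed-key XOR: reversible by anyone, see type7_decode",
    "8": "PBKDF2-SHA256 ($8$): not reversible",
    "9": "scrypt ($9$): not reversible",
}


def reveal(config_line):
    """Classify a 'username'/'enable'/line 'password' entry.
    Returns (type, description, recovered_plaintext_or_None), or None for other lines."""
    m = re.search(r"\b(password|secret)(?: (\d))? (\S+)$", config_line)
    if not m:
        return None
    keyword, ptype, value = m.group(1), m.group(2), m.group(3)
    if ptype is None:
        # No type digit: 'password X' is type 0; 'secret X' as typed at the CLI is hashed
        # on storage (type 5 on the 12.2 IOS in this thread; newer releases use a stronger type).
        if keyword == "password":
            return ("0", PASSWORD_TYPES["0"], value)
        return ("secret", "hashed when stored; 'show run' shows the hash, not this value", None)
    if ptype == "7":
        return ("7", PASSWORD_TYPES["7"], type7_decode(value))
    if ptype == "0":
        return ("0", PASSWORD_TYPES["0"], value)
    return (ptype, PASSWORD_TYPES.get(ptype, "unknown type"), None)


if __name__ == "__main__":
    # Constructed sample lines in the form 'show run' prints them.
    for line in ("username admin privilege 15 password 0 xyz",
                 "username admin password 7 094F471A1A0A",
                 "enable secret 5 $1$salt$placeholderhash",
                 "username admin secret xyz"):
        print(f"{line:48} -> {reveal(line)}")
```

The practical reading: type 7 protects only against someone glancing over your shoulder. Anything that must survive a leaked configuration backup has to be a "secret" (type 5 here, type 8 or 9 where the IOS supports it), as the replies in this thread recommend.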

You don't actually need the "ip ssh dh min size 2048" command. It will work without it.

Well, a lot of it is not needed. But it will make the SSH setup more secure.

What you do need to do before you configure SSH is configuring a hostname and a domain name on the switch

That is actually also not needed in this setup.

I haven't seen a switch that didn't require a hostname and a domain name before generating a RSA key yet, but I believe you :-)

The ip ssh dh min size command will make it more secure, but also more difficult to manage (since, like you say, some tools won't be able to cope with it). Depending on the environment in which it is used, that can be a reason not to use the command. Although I agree with you on the 'bigger is better' sentiment and the fact that DH 768 isn't state of the art anymore, breaking DH 768 is still a big challenge. Research has shown that a properly prepared attack is able to break DH 512 in a minute; DH 768 is still another cup of tea (but perfectly feasible for anybody willing to invest in it). If Gregor is able to use stronger crypto in his environment he should definitely do it, but he should not do it without taking notice of the increased administrative challenges.

The paper itself is an interesting read: https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf 

The host/domain-name is not needed because the key has a label. Without a label you are correct, then it's needed to specify the host/domain-name.

I've never had any issues with a 2048-bit DH in SSH regardless of the client. Only 4096 bit caused some trouble with older PuTTY versions. I'm pretty sure 2048 is safe for production without any administrative burden.

Hi,

Karsten is absolutely right about password:

The first command would configure a cleartext password (which could be hidden with "service password-encryption").

The second command configures the user with the password that is hardest to crack, but your IOS won't support that command. The third command configures the password as an MD5 hash, which is the recommended one to use.

With reference to your query, you can define only one password (either the plaintext one or the MD5 one). There is no need to configure multiple passwords.

In any case, if you lose the password you need to do the password recovery procedure.

Thanks & Best regards.

mvknl

The command "transport input ssh2" effectively disabled Telnet because you only allow SSH on the VTYs. (Actually this should be what you want, as Telnet is insecure.) The guide Karsten posted is a very good one to solve your problems.
