Дерево страниц

Сравнение версий

Ключ

  • Эта строка добавлена.
  • Эта строка удалена.
  • Изменено форматирование.

...

Блок кода
esr(config)# no ip telnet server

Scroll Pagebreak

Отключаем устаревшие и не криптостойкие алгоритмы:

Блок кода
esr(config)# ip ssh server
esr(config)# ip ssh authentication algorithm md5 disable
esr(config)# ip ssh authentication algorithm md5-96 disable
esr(config)# ip ssh authentication algorithm ripemd160 disable
esr(config)# ip ssh authentication algorithm sha1 disable
esr(config)# ip ssh authentication algorithm sha1-96 disable
esr(config)# ip ssh authentication algorithm sha2-256 disable
esr(config)# ip ssh encryption algorithm 3des disable
esr(config)# ip ssh encryption algorithm aes128 disable
esr(config)# ip ssh encryption algorithm aes128ctr disable
esr(config)# ip ssh encryption algorithm aes192 disable
esr(config)# ip ssh encryption algorithm aes192ctr disable
esr(config)# ip ssh encryption algorithm aes256 disable
esr(config)# ip ssh encryption algorithm arcfour disable
esr(config)# ip ssh encryption algorithm arcfour128 disable
esr(config)# ip ssh encryption algorithm arcfour256 disable
esr(config)# ip ssh encryption algorithm blowfish disable
esr(config)# ip ssh encryption algorithm cast128 disable
esr(config)# ip ssh key-exchange algorithm dh-group-exchange-sha1 disable
esr(config)# ip ssh key-exchange algorithm dh-group1-sha1 disable
esr(config)# ip ssh key-exchange algorithm dh-group14-sha1 disable
esr(config)# ip ssh key-exchange algorithm ecdh-sha2-nistp256 disable
esr(config)# ip ssh key-exchange algorithm ecdh-sha2-nistp384 disable
esr(config)# ip ssh key-exchange algorithm ecdh-sha2-nistp521 disable
esr(config)# ip ssh host-key algorithm dsa disable
esr(config)# ip ssh host-key algorithm ecdsa256 disable
esr(config)# ip ssh host-key algorithm ecdsa384 disable
esr(config)# ip ssh host-key algorithm ecdsa521 disable
esr(config)# ip ssh host-key algorithm ed25519 disable

Scroll Pagebreak
Генерируем новые ключи шифрования:

Блок кода
esr# update ssh-host-key rsa
esr# update ssh-host-key rsa 2048

Scroll Pagebreak

Настройка механизмов защиты от сетевых атак

...