Revision 349899 of "Sandbox" on testwiki

Guide to better security on Cisco devices:

https://supportforums.cisco.com/t5/security-documents/guide-to-better-ssh-security/ta-p/3133344

== ASA ==

=== !!!SSH!!! ===
crypto key generate rsa modulus 4096

ssh version 2

ssh key-exchange group dh-group14-sha1

ssh cipher encryption custom aes256-ctr

ssh cipher integrity custom hmac-sha1

=== !!!TLS!!! ===
ssl server-version tlsv1-only

ssl client-version tlsv1-only

== IOS v12 ==

==IOS v15==

=== !!!SSH!!! ===
crypto key generate rsa label SSH-KEY modulus 4096

ip ssh rsa keypair-name SSH-KEY

ip ssh version 2

ip ssh dh min size 4096

ip ssh logging events

line vty 0 15

  transport input ssh

ip ssh server algorithm encryption aes256-ctr

ip ssh server algorithm mac hmac-sha1

Crypto key generate rsa general mod 2048

!ip ssh ver 2
!ip ssh server algorithm mac hmac-sha1
!ip ssh server algorithm encryption aes256-ctr
!ip ssh dh min size 

2048

=== <nowiki>=== !!!TLS!!! ===</nowiki> ===
!test

!test

!test

==NEXUS ==

=== !!!SSH!!! ===
ssh key rsa 2048 force

=== !!!TLS!!! ===Hello Wikipedia. I am alive!

All content in the above text box is licensed under the Creative Commons Attribution-ShareAlike license Version 4 and was originally sourced from https://test.wikipedia.org/w/index.php?oldid=349899.

This site is not affiliated with or endorsed in any way by the Wikimedia Foundation or any of its affiliates. In fact, we fucking despise them.