[liberationtech] Question re Cisco auth and remote login best-practices
MAR MARINE
gerencia at marmarine.com.gt
Mon Sep 23 07:33:27 PDT 2013
Good Morning,
Come by the office and we will help you in setting up your router.
Mar Marine
2013/9/22 Paul Ferguson <fergdawgster at mykolab.com>
> On 9/22/2013 10:32 PM, Bill Woodcock wrote:
>
>
>> So, if we assume the worst, and figure we're just doing damage-control
>> and minimizing a large problem, what are the best-practices to follow in
>> configuring Cisco routers in remote locations?
>>
>> Generate max-length (4096-bit?) RSA keys on them, for the SSH sessions…
>>
>> Use remote auth to do command-by-command authorization, no level-15
>> logins?
>>
>> Run TACACs over IPsec? Over something else?
>>
>>
> Locally trusted human. :-)
>
> - ferg
>
>
>
> --
> Paul Ferguson
> Vice President, Threat Intelligence
> Internet Identity, Tacoma, Washington USA
> IID --> "Connect and Collaborate" --> www.internetidentity.com
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated: https://mailman.stanford.edu/**
> mailman/listinfo/**liberationtech<https://mailman.stanford.edu/mailman/listinfo/liberationtech>.
> Unsubscribe, change to digest, or change password by emailing moderator at
> companys at stanford.edu.
>
--
*ATE:*
*
*
* MARILÚ MAZARIEGOS *
* ASISTENTE G. G.*
*Administración** Mar Marine Yacht Club*
*TEL.: (502) 79305091 - 79305088*
*E-mail: gerencia at marmarine.com.gt - info at marmarine.com.gt*
*www.marmarine.com.gt /
*https://www.facebook.com/mar.marine<https://www.facebook.com/mar.marine.9>
*
*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130923/b73e85ee/attachment.html>
More information about the liberationtech
mailing list