So, if we assume the worst, and figure we're just doing damage-control and
minimizing a large problem, what are the best-practices to follow in
configuring Cisco routers in remote locations?
Generate max-length (4096-bit?) RSA keys on them, for the SSH sessions…
Use remote auth to do command-by-command authorization, no level-15 logins?
Run TACACs over IPsec? Over something else?
-Bill
--
Liberationtech is public & archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.
