6.1.a Implement and troubleshoot device management

6.1.a [ii] telnet, HTTP, HTTPS, SSH, SCP

You can use the SSH server to enable an SSH client to make a secure, encrypted connection to a Cisco IOS device. SSH uses strong encryption for authentication. The SSH server in the Cisco IOS software can interoperate with publicly and commercially available SSH clients. There are three steps that need to be taken to enable SSH, i.e. generate a crypto key, configure a domain name, and configure VTY line( s) to use transport SSH (using transport input command).

The user authentication mechanisms supported for SSH are RADIUS, TACACS +, and the use of locally stored usernames and passwords. The behavior of SCP is similar to that of remote copy (rcp), which comes from the Berkeley r-tools suite, except that SCP relies on SSH for security. In addition, SCP requires that authentication, authorization, and accounting (AAA) authorization be configured so the router can determine whether the user has the correct privilege level.

The HTTP 1.1 Web Server and Client feature provides a consistent interface for users and applications by implementing support for HTTP 1.1 in Cisco IOS software-based devices. When combined with the HTTPS feature, the HTTP 1.1 Web Server and Client feature provides a complete, secure solution for HTTP services between Cisco devices.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5509-5515).  . Kindle Edition.