華為設備SSH的實施
阿新 • • 發佈:2019-03-03
server lac local vlan 第一次 設備 vpd enter 51cto 
1.配置設備ip
<AR1>system-view //進入系統視圖
[AR1]interface GigabitEthernet 0/0/0 //進入GigabitEthernet 0/0/0接口配置
[AR1-GigabitEthernet0/0/0]ip address 10.0.0.1 30 //配置IP為10.0.0.1/30
2.配置AR1的SSH
[AR1]aaa //進入aaa配置模式
[AR1-aaa]local-user zw password cipher 135113 privilege level 15 //創建用戶zw,密碼為135113,權限級別為15
[AR1-aaa]local-user zw service-type ssh //這個用戶服務於SSH
[AR1]stelnet server enable //開啟SSH服務
[AR1]ssh user zw authentication-type password //配置SSH用戶登錄驗證方式為密碼驗證
The key name will be: Host
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y //密鑰名稱為:主機
%為主機定義的RSA密鑰已經存在。
確認更換?(是/否)[否]:是
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:768 //設置公鑰的大小,最低為768位
[AR1-ui-vty0-4]authentication-mode aaa //配置登錄方式為aaa模式
[AR1-ui-vty0-4]protocol inbound ssh //允許登錄SSH
3.用SW1做客戶端連接AR1的SSH服務
[SW1]ssh client first-time enable //第一次配置作為SSH客戶端登錄需要運行此命令
[SW1]stelnet 10.0.0.1 //連接到AR1的SSH服務器
Please input the username:zw //登錄用戶名為zw
The server is not authenticated. Continue to access it? [Y/N] :y服務器未通過身份驗證。繼續訪問?
Enter password: //輸入密碼
1.配置設備ip
<AR1>system-view //進入系統視圖
[AR1]interface GigabitEthernet 0/0/0 //進入GigabitEthernet 0/0/0接口配置
[AR1-GigabitEthernet0/0/0]ip address 10.0.0.1 30 //配置IP為10.0.0.1/30
[SW1]interface Vlanif 1 //進入vlan1邏輯接口配置
[SW1-Vlanif1]IP address 10.0.0.2 30 //配置IP為10.0.0.2/30
測試連通性:
[SW1-Vlanif1]ping 10.0.0.1
PING 10.0.0.1: 56 data bytes, press CTRL_C to break
2.配置AR1的SSH
[AR1]aaa //進入aaa配置模式
[AR1-aaa]local-user zw password cipher 135113 privilege level 15 //創建用戶zw,密碼為135113,權限級別為15
[AR1-aaa]local-user zw service-type ssh //這個用戶服務於SSH
[AR1]stelnet server enable //開啟SSH服務
[AR1]ssh user zw authentication-type password //配置SSH用戶登錄驗證方式為密碼驗證
The key name will be: Host
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y //密鑰名稱為:主機
%為主機定義的RSA密鑰已經存在。
確認更換?(是/否)[否]:是
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:768 //設置公鑰的大小,最低為768位
[AR1-ui-vty0-4]authentication-mode aaa //配置登錄方式為aaa模式
[AR1-ui-vty0-4]protocol inbound ssh //允許登錄SSH
3.用SW1做客戶端連接AR1的SSH服務
[SW1]ssh client first-time enable //第一次配置作為SSH客戶端登錄需要運行此命令
[SW1]stelnet 10.0.0.1 //連接到AR1的SSH服務器
Please input the username:zw //登錄用戶名為zw
The server is not authenticated. Continue to access it? [Y/N] :y服務器未通過身份驗證。繼續訪問?
Enter password: //輸入密碼
華為設備SSH的實施