<H3C>system-view
[H3C]sysname r1
[r1-GigabitEthernet0/1]ip address 192.168.1.1 24
[r1-GigabitEthernet0/1]interface gigabitethernet 0/2
[r1-GigabitEthernet0/2]ip address 172.16.10.1 24
[r1-GigabitEthernet0/2]interface loopback 0
[r1-LoopBack0]ip address 100.100.100.100 32
[r1-LoopBack0]quit
创建RSA与DSA密钥对
[r1]public-key local creat rsa
[r1]public-key local create dsa
配置VTY虚拟用户界面
[r1]user-interface vty 0 4
[r1-line-vty0-4]authentication-mode scheme //认证模式为计划(AAA)
[r1-line-vty0-4]protocol inbound all //配置所在用户界面支持的协议(默认已开)
[r1-line-vty0-4]quit
配置计划用户
[r1]local-user zurkj //创建用户
[r1-luser-manage-zurkj]password simple Aa123456789 //配置用户密码
[r1-luser-manage-zurkj]service-type ssh terminal telnethttp https //配置用户支持的服务类型
[r1-luser-manage-zurkj]authorization-attribute user-rolelevel-15 //配置用户的权限level-15=network-admin
[r1-luser-manage-zurkj]quit
创建SSH用户并开启SSH服务
[r1]ssh user zurkj service-type all authentication-typepassword
[r1]ssh server enable
[r1]sftp server enable
如果使用R2访问R1的SSH建议配置一下首次访问
ssh client first-time enable
相关查看
[r1]display ssh server status //查看SSH服务状态
[r1]display ssh server session //查看SSH服务会话
[r1]display ssh user-information //查看SSH用户信息
[r1]display public-key local rsapublic //查看RSA本地密钥中的公钥部分
|Archiver|手机版|小黑屋|祖瑞科技 全国计算机 网络IT运维社区!
( 沪ICP备16021636号-2 )
发表于 2021-10-22 15:32:11
