HCNA-4 配置通过STelnet登录系统
1、基本配置 R1 <Huawei>system-view [Huawei]sysname R1 [R1]interfaceGigabitEthernet 0/0/0 [R1-GigabitEthernet0/0/0]ipaddress 10.1.1.100 24 [R1-GigabitEthernet0/0/0]return <R1>save R2 <Huawei>clocktimezone BJ add 8:00:00 <Huawei>clockdatetime 22:25 2020-04-14 <Huawei>system-view [Huawei]sysname R2 [R2]header logininformation "ipgzj.com" //配置登录时标题文本显示 [R2]header shellinformation "zurkj.com" //配置登录成功后标题文本显示 [R2]interfaceGigabitEthernet 0/0/0 [R2-GigabitEthernet0/0/0]ipaddress 10.1.1.1 24 [R2-GigabitEthernet0/0/0]return <R2>save R1 <R1>ping10.1.1.1 PING 10.1.1.1: 56 data bytes, press CTRL_C to break Reply from 10.1.1.1: bytes=56 Sequence=1ttl=255 time=440 ms Reply from 10.1.1.1: bytes=56 Sequence=2ttl=255 time=20 ms Reply from 10.1.1.1: bytes=56 Sequence=3ttl=255 time=20 ms Reply from 10.1.1.1: bytes=56 Sequence=4ttl=255 time=20 ms Reply from 10.1.1.1: bytes=56 Sequence=5 ttl=255time=40 ms
--- 10.1.1.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 20/108/440 ms
2、配置SSH Server [R2]rsalocal-key-pair create //生成本地RSA主机密钥对 The key name willbe: Host % RSA keys definedfor Host already exist. Confirm to replacethem? (y/n)[n]:y //确认 The range ofpublic key size is (512 ~ 2048). NOTES: If the keymodulus is greater than 512, It will take a few minutes. Input the bits inthe modulus[default = 512]: Generating keys... ............++++++++++++ ...........++++++++++++ .................++++++++ .....++++++++ [R2]display rsalocal-key-pair public //查看本地密钥对中的公钥部分信息
===================================================== Time of Key pair created: 2020-04-14 22:34:12+08:00 //描述公钥生成的时间 Key name: Host //描述公钥名称 Key type: RSA encryption Key //描述公钥类型 ===================================================== Key code: 3047 0240 C0D7F0F5 0B7BF723 281F41F8 830C304747FF6508 EF2521B6 CD885E4D B07DEE2D FE72212977FA2BCA 6A6104F5 03727704 94E300F3 0E6763A955AC4257 2CCBBB53 0203 010001
===================================================== Time of Key paircreated: 2020-04-14 22:34:14+08:00 Key name: Server Key type: RSAencryption Key ===================================================== Key code: 3067 0260 C568360D 59CD85B8 50A59597 2EEA9D5E34F41F68 CE505383 27E9EEE0 DDF31A1C E7A69FF3146C7A54 77A07D38 4DEB81ED F22AAA85 577BBD20E4E0AEBB F203AEF5 60230524 C1144F3B 20DEE28665A9C20A 1AB0001F F20DE4BA 2D214C05 9DC5FA7B 0203 010001 [R2]user-interfacevty 0 4 //配置VTY 用户界面 [R2-ui-vty0-4]authentication-modeaaa //配置认证模式AAA [R2-ui-vty0-4]protocolinbound ssh //指定VTY类型用户界面只支持SSH协议,设备会禁止Telnet功能 [R2]aaa [R2-aaa]local-userzurkj password cipher admin1234 //配置本地用户 密码 [R2-aaa]local-userzurkj privilege level 15 //配置本地用户权限级别 [R2-aaa]local-userzurkj service-type ssh //配置本地用户接入类型为SSH [R2-aaa]quit [R2]ssh user zurkjauthentication-type password //新建SSH用户 指定SSH用户认证模式为密码 [R2]stelnet serverenable //开启STelnet服务 [R2]display sshuser-information zurkj //查看SSH用户信息 -------------------------------------------------------------------------------
Username Auth-type User-public-key-name ------------------------------------------------------------------------------- zurkj password null ------------------------------------------------------------------------------- [R2]display sshserver status //查看SSH服务器全局配置信息 SSH version :1.99 SSH connection timeout :60 seconds SSH server key generating interval :0 hours SSH Authentication retries :3 times SFTP Server : Disable Stelnet server :Enable [R2]quit <R2>save
3、配置SSHClient <R1>system-view [R1]ssh clientfirst-time enable //配置SSH用户端首次认证功能 [R1]stelnet10.1.1.1 //STelnet远程访问 Please input theusername:zurkj Trying 10.1.1.1... Press CTRL+K toabort Connected to10.1.1.1 ... The server is notauthenticated. Continue to access it? (y/n)[n]:y Apr 14 202022:54:32-08:00 R1 %%01SSH/4/CONTINUE_KEYEXCHANGE(l)[0]:The server ha d not beenauthenticated in the process of exchanging keys. When deciding whethe r to continue, theuser chose Y. [R1] Save the server'spublic key? (y/n)[n]:y The server'spublic key will be saved with the name 10.1.1.1. Please wait...
Apr 14 202022:54:35-08:00 R1 %%01SSH/4/SAVE_PUBLICKEY(l)[1]:When deciding wheth er to save theserver's public key 10.1.1.1, the user chose Y. [R1] ipgzj.com
Enter password: zurkj.com <R2> <R2>displayssh server session //查看SSH会话连接 -------------------------------------------------------------------- Conn Ver Encry State Auth-type Username -------------------------------------------------------------------- VTY 0 2.0 AES run password zurkj
--------------------------------------------------------------------
4、配置SFTPServer和Client <R2>system-view [R2-aaa]local-useripgzj password cipher admin1234 privilege level 15 //本地用户 密码 权限级别 [R2-aaa]local-useripgzj service-type ssh //本地用户服务类型 SSH [R2-aaa]local-useripgzj ftp-directory flash: //配置用户的可访问目录 [R2-aaa]quit [R2]sshuser ipgzj authentication-type password //新建SSH用户 指定SSH用户认证模式为密码 [R2]sftpserver enable //开启SFTP服务 [R2]displayssh server status //查看SSH服务器全局信息 SSH version :1.99 SSH connection timeout :60 seconds SSH server key generating interval :0 hours SSH Authentication retries :3 times SFTP Server :Enable Stelnet server :Enable [R2]return <R2>save <R1>system-view [R1]stelnet10.1.1.1 //远程连接STelnet Pleaseinput the username:ipgzj //输入用户名 Trying10.1.1.1 ... PressCTRL+K to abort Connectedto 10.1.1.1 ... ipgzj.com
Enterpassword: //输入密码 zurkj.com <R2>displayssh server session //查看SSH会话连接信息 -------------------------------------------------------------------- Conn Ver Encry State Auth-type Username -------------------------------------------------------------------- VTY 0 2.0 AES run password ipgzj
-------------------------------------------------------------------- <R2> | 
|Archiver|手机版|小黑屋|祖瑞科技 全国计算机 网络IT运维社区!
( 沪ICP备16021636号-2 )
发表于 2021-2-4 17:44:39
