H3C SSH实验

admin

H3C SSH实验

<H3C>system-view

[H3C]sysname r1

[r1-GigabitEthernet0/1]ip address 192.168.1.1 24

[r1-GigabitEthernet0/1]interface gigabitethernet 0/2

[r1-GigabitEthernet0/2]ip address 172.16.10.1 24

[r1-GigabitEthernet0/2]interface loopback 0

[r1-LoopBack0]ip address 100.100.100.100 32

[r1-LoopBack0]quit

创建RSA与DSA密钥对

[r1]public-key local creat rsa

[r1]public-key local create dsa

配置VTY虚拟用户界面

[r1]user-interface vty 0 4

[r1-line-vty0-4]authentication-mode scheme //认证模式为计划（AAA）

[r1-line-vty0-4]protocol inbound all //配置所在用户界面支持的协议（默认已开）

[r1-line-vty0-4]quit

配置计划用户

[r1]local-user zurkj //创建用户

[r1-luser-manage-zurkj]password simple Aa123456789 //配置用户密码

[r1-luser-manage-zurkj]service-type ssh terminal telnethttp https //配置用户支持的服务类型

[r1-luser-manage-zurkj]authorization-attribute user-rolelevel-15 //配置用户的权限level-15=network-admin

[r1-luser-manage-zurkj]quit

创建SSH用户并开启SSH服务

[r1]ssh user zurkj service-type all authentication-typepassword

[r1]ssh server enable

[r1]sftp server enable

如果使用R2访问R1的SSH建议配置一下首次访问

ssh client first-time enable

相关查看

[r1]display ssh server status //查看SSH服务状态

[r1]display ssh server session //查看SSH服务会话

[r1]display ssh user-information //查看SSH用户信息

[r1]display public-key local rsapublic //查看RSA本地密钥中的公钥部分