|
|
华为V200r021C10SPC500 SSH强加密问题解决
<sw>dir //查看根目前中的文件
Directory of flash:/
Idx Attr Size(Byte) Date Time FileName
0 -rw- 0 Sep 20 2022 12:58:08 last_startup_software_info.txt
1 drw- - Sep 20 2022 12:58:45 dhcp
2 drw- - Sep 20 2022 12:56:48 user
3 -rw- 8,192 Sep 20 2022 12:58:55 default_ca.cer
4 -rw- 224 Sep 20 2022 12:58:09 current_startup_software_info.txt
5 drw- - Sep 20 2022 13:39:38 sessionlog
6 drw- - Sep 20 2022 12:57:36 security
7 -rw- 100,713,966 Apr 12 2018 16:36:57 fm-s5735-s-x_v200r021c10spc600.cc
8 -rw- 1,407 Sep 20 2022 12:59:05 default_local.cer
9 drw- - Jun 24 2022 01:11:23 logfile
10 -rw- 1,336 Sep 20 2022 17:47:05 vrpcfg.zip
11 drw- - Apr 12 2018 16:35:43 $_user
12 drw- - Sep 20 2022 12:56:47 pmdata
13 drw- - Sep 20 2022 17:33:57 $_install_mod
14 -rw- 836 Sep 20 2022 12:56:00 rr.bak
15 -rw- 836 Sep 20 2022 12:56:00 rr.dat
16 -rw- 1,065 Sep 20 2022 17:47:06 private-data.txt
17 drw- - Sep 20 2022 17:47:05 localuser
18 drw- - Sep 20 2022 12:55:06 sys_apinfo
19 -rw- 216 Sep 20 2022 12:59:06 ca_config.ini
246,916 KB total (150,980 KB free)
<sw>cd flash:/$_install_mod/ //进入$_install_mod文件夹
<sw>dir //查看文件
Directory of flash:/$_install_mod/
Idx Attr Size(Byte) Date Time FileName
0 -rw- 10,965 Sep 20 2022 17:33:57 weakea_v200r021c10spc600.mod
246,916 KB total (150,980 KB free)
<sw>install-module weakea_v200r021c10spc600.mod //执行安装单元weakea_v200r021c10spc600.mod
Info: Installing the module flash:/$_install_mod/weakea_v200r021c10spc600.mod....
Info: Succeeded in installing the module on the master board......
<sw>display current-configuration | include ssh //查看关于SSH的当前配置
local-user admin service-type telnet terminal ssh ftp http
ssh user admin
ssh user admin authentication-type password
ssh user admin service-type all
ssh user admin sftp-directory flash:
ssh server-source all-interface
ssh server cipher aes256_ctr aes128_ctr
ssh server hmac sha2_256
ssh server key-exchange dh_group16_sha512 dh_group15_sha512 dh_group14_sha256 dh_group_exchange_sha256
ssh client cipher aes256_ctr aes128_ctr
ssh client hmac sha2_256
ssh client key-exchange dh_group16_sha512 dh_group15_sha512 dh_group14_sha256 dh_group_exchange_sha256
ssh server dh-exchange min-len 2048
ssh authorization-type default aaa
ssh server publickey rsa_sha2_512 rsa_sha2_256
插件安装结束后将算法恢复成默认配置,将指定的算法参数全部undo掉(不指定任何算法就是默认支持所有算法)
设备生成的指定秘钥算法配置等类似如下:
ssh server cipher aes256_ctr aes128_ctr
ssh server hmac sha2_256
ssh server key-exchange dh_group_exchange_sha1 dh_group14_sha1 dh_group1_sha1
ssh client cipher aes256_ctr aes128_ctr
ssh client hmac sha2_256
将上述算法全部undo掉
Undo ssh server cipher
Undo ssh server hmac
Undo ssh server key-exchange
Undo ssh client cipher
Undo ssh client hmac
完成。
|
本帖子中包含更多资源
您需要 登录 才可以下载或查看,没有账号?立即注册
x
|
|Archiver|手机版|小黑屋|祖瑞科技 全国计算机 网络IT运维社区!
( 沪ICP备16021636号-2 )
发表于 2022-12-22 21:45:57