SSH远程登陆管理
一、实验拓扑图如下:
二、实验步骤
- 步骤一: 配置ip接口确保AR4和AR5处于同一网段
#路由器 AR1 ip地址配置
<Huawei>system-view #进入特权模式
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable #关闭信息提示
Info: Information center is disabled.
[Huawei]sysname R2 #命名R2
[R4]interface GigabitEthernet 0/0/0 #进入接口0/0/0
[R4-GigabitEthernet0/0/0]ip address 12.1.1.1 24 #ip address ip地址 子网掩码
#路由器 AR2 ip地址配置
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R2
[R5]interface GigabitEthernet 0/0/0
[R5-GigabitEthernet0/0/0]ip address 12.1.1.2 24
- 步骤三:配置SSH远程登陆
#配置R2作为远程被登陆设备进行配置
<R2>system-view
Info: Succeeded in starting the STELNET server.
[R2]stelnet server enable #开启SSH服务器端的stelnet服务
[R2]rsa local-key-pair create #创建加密报文的密钥对
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:1024
Generating keys...
.....................................................++++++
.................................................++++++
..................................++++++++
............................++++++++
[R2-aaa]local-user huawei password cipher 123456 #登录名:huawei;密码123456
[R2-aaa]local-user huawei privilege level 3 #给账号分配3级权限
[R2-aaa]local-user huawei service-type ssh #创建SSH用户
[R2-aaa]quit
[R2]user-interface vty 0 4
[R2-ui-vty0-4]authentication-mode aaa
[R2-ui-vty0-4]protocol inbound ssh #开启vty线路的SSH访问功能
[R2-ui-vty0-4]quit
[R2]ssh user huawei authentication-type all #定义SSH用户的认证模式
Authentication type setted, and will be in effect next time
- 步骤四:进入R1验证
#通过R1登陆R3路由器
<R1>system-view
Enter system view, return user view with Ctrl+Z.
[R1]ssh client first-time enable
[R1]stelnet 12.1.1.2
Please input the username:huawei
Trying 12.1.1.2 ...
Press CTRL+K to abort
Connected to 12.1.1.2 ...
The server is not authenticated. Continue to access it? (y/n)[n]:y
Save the server's public key? (y/n)[n]:y
The server's public key will be saved with the name 12.1.1.2. Please wait...
Enter password:
<R2> #由此表明,已通过R1远程登陆R2
以上是SSH远程登陆服务器的全部步骤,感谢您的支持点赞,后期将分享更多精彩案例。敬请期待!!!