考虑到需要通过公网登录路由器,因此通过如下命令配置:
conf t
line vty 0 4
password xxxxxxxxxx
login
transport input ssh
用putty能成功ssh登录。接着用SecureCRT登录,提示目的地址ssh为version1。这才发现需要做额外配置才能开启SSH2。配置过程记录如下:
router(config)#username sshuser password xxxxxx
router(config)#hostname router_host_name
router(config)#ip domain-name domain.com
router(config)#crypto key generate rsa
The name for the keys will be: router_host_name.domain.com
Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.
router(config)#ip domain-name domain.com
router(config)#crypto key generate rsa
The name for the keys will be: router_host_name.domain.com
Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.
How many bits in the modulus [512]: 2048
% Generating 2048 bit RSA keys, keys will be non-exportable...[OK]
% Generating 2048 bit RSA keys, keys will be non-exportable...[OK]
Please create RSA keys (of atleast 768 bits size) to enable SSH v2.
router(config)#ip ssh rsa keypair-name router_host_name
router(config)#ip ssh version 2
*May 2 12:09:20.155: %SSH-5-ENABLED: SSH 2.0 has been enabled
接下来查看ssh2设置情况:
router#sh ip ssh
SSH Enabled - version 2.0
Authentication timeout: 120 secs; Authentication retries: 3
Authentication timeout: 120 secs; Authentication retries: 3
再查看连接情况:
router#show ssh
转载于:https://blog.51cto.com/hc0510/327326
4362
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
