本文档详细介绍了如何在华为交换机上配置STelnet V2,包括生成本地密钥对、开启STelnet服务器、配置SSH参数、设置访问控制、创建SSH用户并配置认证方式和服务类型,以增强设备登录的安全性。
使用STelnet V1协议存在安全风险,建议使用STelnet V2登录设备。
1、生成本地密钥对
密钥保存在交换机中单不保存在配置文件中
[Huawei]rsa ?
key-pair RSA key pair
local-key-pair Local RSA public key pair operations
peer-public-key Remote peer RSA public key configuration
[Huawei]rsa local-key-pair ?
create Create new local public key pairs
destroy Destroy the local public key pairs # 销毁本地密钥对
[Huawei]rsa local-key-pair create
The key name will be: Huawei_Host
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
it will take a few minutes.
Input the bits in the modulus[default = 512]:1024 # 密钥对长度越大,密钥对安全性就越好,建议使用最大的密钥对长度
Generating keys...
.......++++++
.++++++
........................++++++++
..........++++++++
或
[Huawei]dsa local-key-pair ?
create Create a new local key-pair
destroy Destroy the local key-pair
[Huawei]dsa local-key-pair create
Info: The key name will be: Huawei_Host_DSA.
Info: The key modulus can be any one of the following : 512, 1024, 2048.
Info: If the key modulus is greater than 512, it may take a few minutes.
Please input the modulus [default=512]:1024
Info: Generating keys...
Info: Succeeded in creating the DSA host keys.
----------------------查看密钥对-----------------------
[Huawei]display dsa local-key-pair public
=====================================================
Time of Key pair created: 11:37:32 2016/3/30
Key name : Huawei_Host_DSA</
最低0.47元/天 解锁文章
扫一扫
2198
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
