本地管理与Telnet
-
路由器配置Console认证
<Huawei>sys
[Huawei]sys AR1
[AR1]user-interface console 0 //进入Console接口
[AR1-ui-console0]authentication-mode password //设置认证模式为密码,并设置密码
Please configure the login password (maximum length 16):abc.123
[AR1-ui-console0]
1.1路由器更改密码
[AR1]user-interface console 0
[AR1-ui-console0]set authentication password cipher abc.1234
测试:
[AR1]user-interface console 0
[AR1-ui-console0]q
[AR1]q
<AR1>q
Configuration console exit, please press any key to log on
Login authentication
Password:
<AR1>
交换机配置Console认证
<Huawei>sys
[Huawei]sys SW1
[SW1]user-interface console 0 //进入Console接口
[SW1-ui-console0]authentication-mode password //设置认证模式为密码
[SW1-ui-console0]set authentication password cipher abc.123 //设置密码
测试:
[SW1-ui-console0]q
[SW1]q
<SW1>q User interface con0 is available
Please Press ENTER.
Login authentication
Password:
<SW1>
通过Telnet命令实现远程控制设备
配置AR1
<AR1>sys
[AR1]int gi 0/0/0
[AR1-GigabitEthernet0/0/0]ip add 12.1.1.1 24
[AR1-GigabitEthernet0/0/0]int gi 0/0/1
[AR1-GigabitEthernet0/0/1]ip add 13.1.1.1 24
[AR1]user-interface vty 0 4 //进入虚拟用户终端接口
[AR1-ui-vty0-4]protocol inbound telnet //默认是开通telnet服务的,此命令可以不敲
[AR1-ui-vty0-4]authentication-mode password //设置认证模式:密码;
Please configure the login password (maximum length 16):abc.123
[AR1-ui-vty0-4]user privilege level 15 //设置用户等级为15,默认级别为0
配置AR2和AR3
<Huawei>sys
[Huawei]sys AR2
[AR2]int gi 0/0/0
[AR2-GigabitEthernet0/0/0]ip add 12.1.1.2 24
[AR2-GigabitEthernet0/0/0]q
<Huawei>sys
[Huawei]sys AR3
[AR3]int gi 0/0/0
[AR3-GigabitEthernet0/0/0]ip add 13.1.1.2 24
[AR3-GigabitEthernet0/0/0]q
测试:
<AR2>telnet 12.1.1.1
Press CTRL_] to quit telnet mode
Trying 12.1.1.1 ...
Connected to 12.1.1.1 ...
Login authentication
Password:
<AR1>
<AR3>telnet 13.1.1.1
Press CTRL_] to quit telnet mode
Trying 13.1.1.1 ...
Connected to 13.1.1.1 ...
Login authentication
Password:
<AR1>
<AR1>display users
User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
+ 0 CON 0 00:00:00 pass
Username : Unspecified
129 VTY 0 00:01:10 TEL 12.1.1.2 pass
Username : Unspecified
130 VTY 1 00:00:36 TEL 13.1.1.2 pass
Username : Unspecified
通过AAA认证的方式进行区别用户登录权限
[AR1]aaa
[AR1-aaa]local-user qyt password cipher abc.123 privilege level 15 //创建本地用户qyt,并设置密码,用户等级设置为15
Info: Add a new user.
[AR1-aaa]local-user qyt service-type telnet //设置本地用户qyt允许登录的类型为Telnet
[AR1-aaa]local-user huawei password cipher abc.1234 //创建本地用户huawei,并设置密码
Info: Add a new user.
[AR1-aaa]local-user huawei service-type telnet //设置本地用户huawei允许登录的类型为Telnet
[AR1-aaa]local-user huawei privilege level 0 //设置本地用户huawei用户等级设置为0,默认的用户等级为0
[AR1-aaa]q
[AR1]user-interface vty 0 4
[AR1-ui-vty0-4]authentication-mode aaa //设置认证模式为aaa
测试 :
<AR2>telnet 12.1.1.1
Press CTRL_] to quit telnet mode
Trying 12.1.1.1 ...
Connected to 12.1.1.1 ...
Login authentication
Username:qyt
Password:
-----------------------------------------------------------------------------
User last login information:
-----------------------------------------------------------------------------
Access Type: Telnet
IP-Address : 12.1.1.2
Time : 2023-09-02 00:00:55-08:00
-----------------------------------------------------------------------------
<AR1>sys
<AR1>system-view
Enter system view, return user view with Ctrl+Z.
[AR1]
<AR3>telnet 13.1.1.1
Press CTRL_] to quit telnet mode
Trying 13.1.1.1 ...
Connected to 13.1.1.1 ...
Login authentication
Username:huawei
Password:
<AR1>sys
^
Error: Unrecognized command found at '^' position. //由于用户级别是0所以无法配置
<AR1>
[AR1]display users
User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
+ 0 CON 0 00:00:00 pass
Username : Unspecified
129 VTY 0 00:02:33 TEL 12.1.1.2 pass
Username : qyt
130 VTY 1 00:01:15 TEL 13.1.1.2 pass
Username : huawei
305
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
