太久沒有配置網絡交換機,基本的配置都忘記了七七八八了,作爲一個運維工程師。要時刻保持着不斷學習的態度,用知識來武裝自己。好了,廢話不多說。直接進入今天的主題
交換機路由器配置ssh
實驗拓撲
創建VLAN100
[SW] vlan 100
[SW-vlan100] quit
配置接口GE0/0/1:
[SW] interface GigabitEthernet 0/0/1
[SW-GigabitEthernet0/0/1] port link-type access
[SW-GigabitEthernet0/0/1] port default vlan 100
爲交換機的Vlanif100配置IP地址:
[SW] interface Vlanif 100
[SW-Vlanif100] ip address 192.168.1.100 24
配置用於SSH登錄的用戶名(client001)、密碼(Huawei123):
[SW] aaa
[SW-aaa] local-user client001 password cipher Huawei123
[SW-aaa] local-user client001 privilege level 3
[SW-aaa] local-user client001 service-type ssh
[SW-aaa] quit
在交換機上生成本地密鑰對:
[SW] rsa local-key-pair create
The key name will be: SW_Host
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
it will take a few minutes.
Input the bits in the modulus[default = 512]:
Generating keys...
...++++++++++++
.++++++++++++
..................++++++++
......++++++++
激活Stelnet服務:
[SW] stelnet server enable
[SW] ssh authentication-type default password
[SW] ssh user client001 authentication-type password
[SW] ssh user client001 service-type all
配置VTY(虛擬終端)界面,身份認證方式爲AAA認證,允許用戶以SSH的方式接入:
[SW] user-interface vty 0 4
[SW-ui-vty0-4] authentication-mode aaa
[SW-ui-vty0-4] protocol inbound ssh
交換機路由器配置telent
創建VLAN100:
[SW] vlan 100
[SW-vlan100] quit
配置接口GE0/0/1:
[SW] interface GigabitEthernet 0/0/1
[SW-GigabitEthernet0/0/1] port link-type access
[SW-GigabitEthernet0/0/1] port default vlan 100
[SW] interface Vlanif 100
[SW-Vlanif100] ip address 192.168.1.100 24
配置用於Telnet登錄的用戶名(telnetuser)、密碼(Huawei123):
[SW] aaa
[SW-aaa] local-user telnetuser password cipher Huawei123
[SW-aaa] local-user telnetuser privilege level 3 #用戶級別爲3級
[SW-aaa] local-user telnetuser service-type telnet #用戶服務類型爲telent
配置VTY(Virtual Teletype Terminal,虛擬終端)界面,身份認證方式爲AAA認證:
[SW] telnet server enable
[SW] user-interface vty 0 4
[SW-ui-vty0-4] authentication-mode aaa
好記性不如爛筆頭