Think before you speak, read before you think.

思科路由器交换机使用ssh方式连接

进入配置模式

configure terminal

一、设置enable密码

enable secret password

enable secret 5 $1$7W0A$UTAhixRjHMbE0kHPWZNMJ0

二、给交换机命名

hostname switch

三、配置域名

ip domain-name test.com

四、启用AAA,并产生rsa密钥对

aaa new-model
crypto key generate rsa

R1(config)#crypto key generate rsa
The name for the keys will be: R1.router.jpuyy.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable…[OK]

注:rsa默认为512bits,建议采用768bits以上的长度,这样可开启对sshv2的支持

五、配置用户名和口令

username cisco password cisco

六、配置登录方式为SSH。注意要将0-15全部配置为SSH方式,不然telnet仍可访问。

line vty 0 4
 transport input ssh
line vty 5 15
transport input ssh

最后可通过以下命令查看显示SSH配置信息

R1#show ip ssh

SSH Enabled – version 1.99
Authentication timeout: 120 secs; Authentication retries: 3


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *