进入配置模式
configure terminal
一、设置enable密码
enable secret password
或
enable secret 5 $1$7W0A$UTAhixRjHMbE0kHPWZNMJ0
二、给交换机命名
hostname switch
三、配置域名
ip domain-name test.com
四、启用AAA,并产生rsa密钥对
aaa new-model crypto key generate rsa
R1(config)#crypto key generate rsa
The name for the keys will be: R1.router.jpuyy.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable…[OK]
注:rsa默认为512bits,建议采用768bits以上的长度,这样可开启对sshv2的支持
五、配置用户名和口令
username cisco password cisco
六、配置登录方式为SSH。注意要将0-15全部配置为SSH方式,不然telnet仍可访问。
line vty 0 4 transport input ssh
line vty 5 15 transport input ssh
最后可通过以下命令查看显示SSH配置信息
R1#show ip ssh
SSH Enabled – version 1.99
Authentication timeout: 120 secs; Authentication retries: 3
Leave a Reply