华为路由器 1:
- sys // 进入系统视图 [Huawei]interface g0/0/0 // 进入 g0/0/0 配置 [Huawei-GigabitEthernet0/0/0]ip
- address 202.100.1.1 30 // 配置 IP 地址为 202.100.1.1 30 [Huawei-GigabitEthernet0/0/0]q
- [Huawei]aaa // 进入 aaa [HW-R1-aaa]local-user huawei password cipher huawei123
- // 创建用户 huawei 和密码 huawei123 [Huawei-aaa]local-user huawei service-type
- SSH // 用户 huawei 认证默认是 SSH [Huawei-aaa]local-user huawei privilege level
- 15 // 用户 huawei 用户权限 15 级 [Huawei-aaa]q // 退出 [Huawei]SSH user huawei authentication-type
- password //SSH 用户 huawei 认证模式是密码认证 Authentication type setted, and will
- be in effect next time [Huawei]stelnet server enable // 开启 SSH 认证服务
Info: Succeeded in starting the STELNET server.
- [Huawei]rsa local-key-pair create // 生成本地认证秘钥
- The key name will be: Host
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y // 是否确定更换现有秘钥 (是)
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:768 // 默认 512 位密码, 输入产生的秘钥长度 (768)
Generating keys...
- ................++++++++
- .++++++++
- .+++++++++
- .+++++++++
- [Huawei]user-interface vty 0 4 // 进入配置虚拟终端
- [Huawei-ui-vty0-4]authentication-mode aaa // 虚拟终端认证模式为 AAA
- [Huawei-ui-vty0-4]protocol inbound SSH // 开启 SSH
- [Huawei-ui-vty0-4]q // 退出
- [Huawei]sys HW-R1 // 设置设备名称 HW-R1
- [HW-R1]
华为路由器 2:
- sys // 进入系统视图 [Huawei]interface g0/0/0 // 进入 g0/0/0 配置 [Huawei-GigabitEthernet0/0/0]ip
- address 202.100.1.2 30 // 配置 IP 地址为 202.100.1.2 30 [Huawei-GigabitEthernet0/0/0]q
- // 退出 [Huawei]SSH client first-time enable // 开启 SSH 第一次登陆 [Huawei]stelnet
- 202.100.1.1 Please input the username:huawei // 输入用户名 huawei Trying 202.100.1.1
- ... Press CTRL+K to abort
Error: Failed to connect to the remote host.
- [Huawei]stelnet 202.100.1.1
- Please input the username:huawei
- Trying 202.100.1.1 ...
- Press CTRL+K to abort
Error: Failed to connect to the remote host.
- [Huawei]stelnet 202.100.1.1
- Please input the username:huawei
- Trying 202.100.1.1 ...
- Press CTRL+K to abort
Connected to 202.100.1.1 ...
- The server is not authenticated. Continue to access it? (y/n)[n]:y // 是否接收秘钥
- Jul 29 2019 16:43:31-08:00 Huawei %%01SSH/4/CONTINUE_KEYEXCHANGE(l)[1]:The server had not been authenticated in the process of exchanging keys. When deciding whether to continue, the user chose Y.
- [Huawei]
- Save the server's public key? (y/n)[n]:y // 是否保存秘钥在本地
The server's public key will be saved with the name 202.100.1.1. Please wait...
- Jul 29 2019 16:43:33-08:00 Huawei %%01SSH/4/SAVE_PUBLICKEY(l)[2]:When deciding whether to save the server's public key 202.100.1.1, the user chose Y.
- [Huawei]
- Enter password: // 输入密码
- sys // 进入系统视图
- [HW-R1]
- dis users
- User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
- 0 CON 0 00:02:26 pass Username : Unspecified
- 129 VTY 0 00:00:00 SSH 202.100.1.2 pass Username : huawei
来源: http://www.bubuko.com/infodetail-3137739.html