1 配置需求或说明
1.1适用产品系列
本案例适用于Comware V5 软件平台MSR WiNet系列路由器,如MSR830-WiNet 、MSR 830-10-WiNet 、MSR 930-WiNet 、MSR 930-10-WiNet 、MSR 930-WiNet-W 、MSR 2600-10-WiNet等。
1.2配置需求
Host(SSH客户端)与Router建立本地连接。Host采用SSH协议登录到Router上,以保证数据信息交换的安全。此处采用的认证方式为password认证,用户名和密码保存在Router上。
2 组网图
3 配置步骤
3.1 设备作为SSH服务器端设置
# 生成RSA密钥对。 <H3C>system-view System View: return to User View with Ctrl+Z. [H3C]public-key local create rsa The range of public key size is (512 ~ 2048). NOTES: If the key modulus is greater than 512, It will take a few minutes. Press CTRL+C to abort. Input the bits of the modulus[default = 1024]: Generating Keys... ++++++++++++++++++++++++++++++++++++++ +++++++++++ +++++++++++++ +++ # 生成DSA密钥对。 [H3C]public-key local create dsa The range of public key size is (512 ~ 2048). NOTES: If the key modulus is greater than 512, It will take a few minutes. Press CTRL+C to abort. Input the bits of the modulus[default = 1024]: Generating Keys... ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++*+++++++++++++ # 启动SSH服务器。 [H3C]ssh server enable # 配置VLAN虚接口Vlan-interface 1的IP地址为192.168.1.1,此地址作为SSH服务器的登录地址。 [H3C]interface Vlan-interface 1 [H3C-Vlan-interface1] ip address 192.168.1.1 255.255.255.0 [H3C-Vlan-interface1]quit # 设置SSH客户端登录用户界面的认证方式为password认证。 [H3C] user-interface vty 0 4 [H3C-ui-vty0-4]authentication-mode scheme # 设置Router上远程用户登录协议为SSH。 [H3C-ui-vty0-4]protocol inbound ssh [H3C-ui-vty0-4]quit # 创建本地用户client001,密码为aabbcc,并设置用户访问的命令级别为最高级别3。 [H3C]local-user client001 [H3C-luser-client001]password simple aabbcc [H3C-luser-client001]service-type ssh [H3C-luser-client001] authorization-attribute level 3 [H3C-luser-client001]quit # 配置SSH用户client001的服务类型为Stelnet,认证方式为password认证(此步骤非必配)。 [H3C]ssh user client001 service-type stelnet authentication-type password #保存配置 [H3C]save force
© 版权声明
本网站的文章部分内容可能来源于网络,仅供大家学习与参考,如有侵权,请联系站长进行删除处理。Mail To:718588255@qq.com
THE END