H3C交换机SSH登录配置
你在第一次使用SSH协议连接设备时,都会返回一个对话框:提示是否信任该密钥。那么我们交换机配置SSH协议时,第一步就是创建密钥对:
[H3C]display public-key local rsa public #发现没有密钥对,如果有的话可以不用创建
[H3C]public-key local create rsa #创建RSA秘钥对
The range of public key modulus is (512 ~ 2048).
If the key modulus is greater than 512, it will take a few minutes.
Press CTRL+C to abort.
Input the modulus length [default = 1024]:
Generating Keys…
…
Create the key pair successfully.
[H3C]display public-key local rsa public #查看本地RSA秘钥对
=============================================
Key name: hostkey(default)
Key type: RSA
Time when key pair created: 01:25:10 2019/11/27
Key code:
30819F300D06092A864886F70D010101050003818D0030818902818100FAEB8F943737BAEE
B3BDD6F8771C66DB3E58E7D3DF71A939CD2A19D725C7BE7C2E92240568C9060E28E4F5C3A3
AD7CAF2DA9E7ADA30DE60AAA912F8603B4EBCD6FB24C16230870999C5D27D97CA012B95070
FDEE24235EACE186B29D13B8A949EEC7B260479DC4AFF460092883F5D6F73A2CCB5A7A2BC4
0C9FD6F005201F561F0203010001
=============================================
Key name: serverkey(default)
Key type: RSA
Time when key pair created: 01:25:10 2019/11/27
Key code:
307C300D06092A864886F70D0101010500036B003068026100E6ECF228ED19FDD813083A42
BD40D3F2354B12FD081206EC9EEA81974CFD4B74550BD60D79C5022A6C8B75074F5843E570
320B1A3CEF6FC9104D5C27A8667EC71BDC462B17E4E2815513FE2BF5F313DE32A84CD0571E
D30E4F2B04B5F23577430203010001
[H3C]
1、创建接口地址用来登录
[H3C]interface Vlan-interface 1
[H3C-Vlan-interface1]ip address 192.168.1.252 24
[H3C-Vlan-interface1]quit
2、创建虚拟终端验证方式
[H3C]user-interface vty 0 4
[H3C-line-vty0-4]authentication-mode scheme
[H3C-line-vty0-4]quit
3、添加ssh用户并绑定服务类型和授权
[H3C]local-user myroot class manage
[H3C-luser-manage-myroot]password simple my123456
[H3C-luser-manage-myroot]service-type ssh
[H3C-luser-manage-myroot]authorization-attribute user-role network-admin
[H3C-luser-manage-myroot]quit
4、开启服务并保存
[H3C]ssh server enable
[H3C]save
-----------------------------------------------
[H3C]public-key local destroy rsa #删除RSA秘钥
