这狠基础了,介绍就不用提了。
二种认证模式AAA 与 pasword
上拓扑:
要求:
R1与R2互通
2.R1为SSH服务
3.R2为telnet服务
总结
总之狠简单,学校课程是H3C,二个我都做了一遍,命令大致相同,
首先配置IP
R1:
[Huawei-Ethernet0/0/0]ip add 10.1.1.1 24
R2:
[Huawei-Ethernet0/0/0]ip add 10.1.1.2 24
先配置R1上的ssh
//首先配置RSA密钥,1024
[R1]rsa local-key-pair create
The key name will be: R1_Host
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
it will take a few minutes.
Input the bits in the modulus[default = 512]:1024
Generating keys...
....++++++
.++++++
...++++++++
................................++++++++
[Huawei]stelnet server enable //华为和别的开始SSH的命令不同,注意
Info: Succeeded in starting the Stelnet server.
认证模式就AAA把,
[R1]user-interface vty 0 4
[R1-ui-vty0-4]authentication-mode aaa
[R1-ui-vty0-4]protocol inbound all //这一定要配置这条命令,我第一次没配置爆错,ALL 也可以改成别的服务
[R1]aaa
[R1-aaa]local-user admin password cipher admin888
[R1-aaa]local-user admin service-type ssh
//配置用户admin 服务为ssh
[R1-aaa]local-user admin privilege level 3
//给用户权限
[R1]ssh user admin authentication-type password //设置ssh用户
验证
R2配置Telnet 这里使用password密码认证:
[Huawei]telnet server enable
Info: The Telnet server has been enabled.
[Huawei]user-interface vty 0 4
[Huawei-ui-vty0-4]authentication-mode password
[Huawei-ui-vty0-4]set authentication password simple admin888
[Huawei-ui-vty0-4]protocol inbound all
验证
总结:二种认证模式