不认证
interface Vlan-interface 1
ip address 192.168.56.2 24
telnet server enable
line vty 0 4
authentication-mode none
注意:ssh 无效
只用密码登录
interface Vlan-interface 1
ip address 192.168.56.2 24
telnet server enable
line vty 0 4
authentication-mode password
set authentication password simple [email protected]
注意:ssh 无效
用户密码登录
interface Vlan-interface 1
ip address 192.168.56.2 24
telnet server enable
ssh server enable
line vty 0 4
authentication-mode scheme
local-user user1 class manage
password simple [email protected]
service-type telnet
service-type ssh
Radius登录
interface Vlan-interface 1
ip address 192.168.56.2 24
telnet server enable
ssh server enable
line vty 0 4
authentication-mode scheme
radius scheme freeradius
primary authentication 192.168.56.4 key simple testing123
user-name-format without-domain
domain system
#domain name system
authentication login radius-scheme freeradius local
authorization login radius-scheme freeradius local
accounting default none
role default-role enable network-admin
注意:这里在Radius服务器上统一设置账号密码
SSH 无密码登录
创建RAS密码对
ssh-keygen -t rsa -b 2048
交换机设置
interface Vlan-interface 1
ip address 192.168.56.2 24
ftp server enable
ssh server enable
line vty 0 4
authentication-mode scheme
local-user user1 class manage
password simple [email protected]
service-type ftp
authorization-attribute work-directory flash:/
authorization-attribute user-role network-admin
上传公钥
ftp 192.168.56.2
user1
[email protected]
bin
put .ssh/id_rsa.pub
交换机上导入公钥
public-key local create rsa name hostkey
2048
public-key peer id_rsa import sshkey id_rsa.pub
创建公钥用户
local-user user2
service-type ssh
authorization-attribute user-role network-admin
ssh user user2 service-type all authentication-type publickey assign publickey id_rsa
no ftp server enable
查看
display ssh user-information
display public-key peer brief
password-control length 4