1.5 Configure stelnet login system

Others 2021-03-27 17:52:25 views: null

Configure to log in to the system via stelnet

Principle overview

Telnet lacks a secure authentication method, and the use of tcp plaintext for transmission has great security risks. It is no longer accepted.
Steelnet uses authentication and two-way data encryption on the user side in a traditional network environment to provide security for the terminal. Telnet service.

s is ssh to provide safe information protection and powerful authentication functions. Port 22

Experimental topology

Insert picture description here

Experimental steps

Device interface Ip Mask Gateway
R1 G0/0/0 10.1.1.1 24 #
R2 G0/0/0 10.1.1.2 24 #

Because the simulator software pc does not have an ssh client, you can only use the router to simulate the experiment

It’s best to test connectivity before doing any experiments

Configure ssh experiment

First, the server must generate and configure the local rsa key pair.

R2

Rsa local-key-pair create
// display rsa local-key-pair public View part of the public key information in the local key

Enter the vty user to set the user authentication mode as AAA
User-interface vty 0 4
Authentication mode aaa
Protocol inbound ssh vty user is allowed to access the protocol.
aaa
Local-user huawei password cipher huawei1
Local-user huawei service-type ssh

Stelnet server enable
By default, the ssh server function is disabled. Open like this

connection

Finally, you can display ssh user-information huawei to
view users

Display ssh server status

R1:
Because when the ssh client logs in to the ssh server for the first time, the client does not save the rsa public key of the ssh server. The first login will fail. Therefore, the first authentication 2 function of the account opening client is required. No validity check is performed on the rsa public key.

Ssh client first-time enable

Successful connection
Display ssh server session

What are the flaws in the first authentication function of the Ssh client?

The ssh client login authentication for the first time has great security risks. If it is not turned on, you can paste the other party's public key information locally to successfully authenticate

Guess you like

Origin blog.csdn.net/weixin_45821358/article/details/113778253
Recommended
Ranking
Goldman: Microsoft is winning the war cloud services
Change admob ids on existing apps
【C++】Introduction to Object-Oriented Programming③ (Process-Oriented Programming Structured Programming Method | Structured Programming Method Concept / Features / Advantages and Disadvantages | Object-Oriented Programming Introduction )
2021-02-26 Luogu P1966 digging landmines-dfs violent search (backtracking method)
jqgrid seleccione todo cancelar una sola fila haga clic en cancelar evento
InstructTTS: Modeling Expressive TTS in Discrete Latent Space with Natural Language Style Prompt
hdu1312 “Red and Black”——DFS与递归的应用
【Linux】孤儿进程、僵死进程和信号
OCRアーティファクト、PDF、数式を変換可能
Linux kernel Tcp performance tuning
Daily
More
2024-06-04(0)
2024-06-03(1)
2024-06-02(0)
2024-06-01(1)
2024-05-31(1)
2024-05-30(0)
2024-05-29(1)
2024-05-28(1)
2024-05-27(1)
2024-05-26(0)

Code World

© 2018 codetd.com