"SSH remote management switch"

"SSH remote management switch"

SSH management

Example: Huawei S5700 switch

The switch management IP is 192.168.254.1/24, and the computer can ping the switch

illustrate:

SSH is ciphertext transmission, the switch needs to create a local key pair, and the protocol must include SSH

As shown in the picture:

#1. Create a VLAN and configure the management IP address: 
vlan 254 
quit 

interface vlan 254 
ip address 192.168.254.1 255.255.255.0 
quit 

#Add and change VLAN 254 ​​on the PC port to ensure that the PC can ping the switch through 
int g0/0/1 
port link-type access 
port default vlan 254 
quit 

#2, open an account stelnet permission 
stelnet server enable 

#3, create a local key pair, press Enter to press the default encryption length 
rsa local-key-pair create 

#4, create an ssh user 
ssh user admin                                 
ssh user admin authentication-type password   
ssh user admin service-type stelnet           

#5, enter aaa mode to configure user 
aaa                                         
local-user admin password cipher admin@123 
local-user admin privilege level 15        
local-user admin service-type ssh           
quit 

#6, configure the login protocol supported by the vty interface 
user-interface vty 0 4 
authentication-mode aaa               
protocol inbound ssh                                     
quit 

#7, add the default route to the gateway, so that other network segments can access 
the ip route -static 0.0.0.0 0 192.168.254.254