华为交换机远程配置过程---ssh，telnet

黄沐阳

已于 2024-08-29 15:29:39 修改

阅读量1.9k

点赞数 8

文章标签：网络华为

于 2024-08-29 15:23:06 首次发布

本文链接：https://blog.youkuaiyun.com/m0_50130952/article/details/141678409

版权

telnet

配置IP和接口

interface Vlanif10
 ip address 10.1.1.1 255.255.255.0
 #
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 10

开启Telnet服务

启动

telnet server enable

这条命令现网一定要加，要不然不生效

telnet server-source all-interface

配置VTY认证模式

user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all

配置AAA模式

aaa
 local-user admin1 password irreversible-cipher huawei@123
 local-user admin1 privilege level 15
 local-user admin1 service-type telnet terminal ssh

客户端配置

在这里插入图片描述

1.首先进行ping 测试，检验其路由连通性

<SW2>ping 10.1.1.1
  PING 10.1.1.1: 56  data bytes, press CTRL_C to break
    Reply from 10.1.1.1: bytes=56 Sequence=1 ttl=255 time=60 ms
    Reply from 10.1.1.1: bytes=56 Sequence=2 ttl=255 time=50 ms
    Reply from 10.1.1.1: bytes=56 Sequence=3 ttl=255 time=50 ms
    Reply from 10.1.1.1: bytes=56 Sequence=4 ttl=255 time=40 ms
    Reply from 10.1.1.1: bytes=56 Sequence=5 ttl=255 time=10 ms

  --- 10.1.1.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 10/42/60 ms

2、Telnet登陆测试

<SW2>telnet 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1 ...


Login authentication


Username:abc
Password:
Info: The max number of VTY users is 5, and the number
      of current VTY users on line is 1.
      The current login time is 2024-08-29 15:09:27.
<SW1>

ssh

网络设备生成本地密钥对

[SW1]rsa local-key-pair create 
The key name will be: SW1_Host
% RSA keys defined for SW1_Host already exist.
Confirm to replace them? [y/n]:y
The range of public key size is (512 ~ 2048). 
NOTES: If the key modulus is greater than 512, 
       it will take a few minutes.
Input the bits in the modulus[default = 512]:1024
Generating keys...
........................................++++++
.................................++++++
......++++++++
....................++++++++

配置AAA模式

aaa
 local-user admin1 password irreversible-cipher huawei@123
 local-user admin1 privilege level 15
 local-user admin1 service-type telnet terminal ssh

开启STelnet服务

stelnet server enable

华为的STelnet即SSH，叫法不同而已。

路由器中可能不支持此命令，默认开启。

ssh user admin1 service-type stelnet
ssh user admin1 authentication-type password

配置VTY认证模式

user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all

加新交换机需要输入这条命令

ssh client  first-time  enable

进行ping 测试，检验其路由连通性

<SW2>ping 10.1.1.1
  PING 10.1.1.1: 56  data bytes, press CTRL_C to break
    Reply from 10.1.1.1: bytes=56 Sequence=1 ttl=255 time=60 ms
    Reply from 10.1.1.1: bytes=56 Sequence=2 ttl=255 time=50 ms
    Reply from 10.1.1.1: bytes=56 Sequence=3 ttl=255 time=50 ms
    Reply from 10.1.1.1: bytes=56 Sequence=4 ttl=255 time=40 ms
    Reply from 10.1.1.1: bytes=56 Sequence=5 ttl=255 time=10 ms

  --- 10.1.1.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 10/42/60 ms```

ssh登陆测试


[SW2]stelnet 10.1.1.1
Please input the username:abc
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1 ...
The server's public key does not match the one catched before.
The server is not authenticated. Continue to access it? [Y/N]:y
Update the server's public key now? [Y/N]: 
Aug 29 2024 15:19:42-08:00 SW2 %%01SSH/4/CONTINUE_KEYEXCHANGE(l)[0]:The server h
ad not been authenticated in the process of exchanging keys. When deciding wheth
er to continue, the user chose Y.
Error: Please choose 'YES' or 'NO' first before pressing 'Enter'. [Y/N]:y

Aug 29 2024 15:19:45-08:00 SW2 %%01SSH/4/UPDATE_PUBLICKEY(l)[1]:When deciding wh
ether to update the key 10.1.1.1 which already existed, the user chose Y.
Enter password:
Info: The max number of VTY users is 5, and the number
      of current VTY users on line is 1.
      The current login time is 2024-08-29 15:19:50.
<SW1>