Cisco路由器配置
R1(config)#hostname R1 //设置主机名
R1(config)#int e0/0
R1(config-if)#ip add 202.100.1.1 255.255.255.0 //设置接口地址
R1(config-if)#no shutdown
R1(config)#username wang password qytang //设置用户名和密码
R1(config)#ip domain name qytang.com //必须设置路由器域名 否则无法生效key
R1(config)#crypto key generate rsa // 手动生产ras的key推荐768
How many bits in the modulus [512]: 768
R1(config)#ip ssh version 2 //启用shh版本2
R1(config)#line vty 0 4
R1(config-line)#login local //采用本地认证
R1(config-line)#transport input ssh //允许ssh协议方式登录
Internet(config)#int e0/0
Internet(config-if)#ip address 202.100.1.2 255.255.255.0
Internet(config-if)#no shutdown
Internet#ssh -l wang 202.100.1.1 //ssh远程登录
Password:
R1> //验证成功
华为路由器SSH配置
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 202.100.1.1 24 //配置接口IP地址
[R1-aaa]local-user wang password cipher sinoway //创建用户和密码
Info: Add a new user.
[R1-aaa]local-user wang privilege level 15 //设置用户级别为最高15级
[R1-aaa]local-user wang service-type ssh //设置允许该用户允许的服务ssh
[R1]rsa local-key-pair create //创建ras推荐768位
The key name will be: Host
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:768
[R1]user-interface vty 0 4 //进入vty通道
[R1-ui-vty0-4]protocol inbound ssh //vty允许SSH登录
[R1-ui-vty0-4]authentication-mode aaa //通道认证模式使用aaa模式
[R1]stelnet server enable //开启ssh服务
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add
[R2-GigabitEthernet0/0/0]ip address 202.100.1.2 24
[R2]ssh client first-time enable //开启客户端ssh
[R2]stelnet 202.100.1.1 //远程ssh
Please input the username:wang //输入用户名
Trying 202.100.1.1 ...
Press CTRL+K to abort
Connected to 202.100.1.1 ...
The server is not authenticated. Continue to access it? (y/n)[n]:y
Oct 24 2019 10:56:56-08:00 R2 %%01SSH/4/CONTINUE_KEYEXCHANGE(l)[0]:The server had not been authenticated in the process of exchanging keys. When deciding whether to continue, the user chose Y.
[R2]
Save the server's public key? (y/n)[n]:y
The server's public key will be saved with the name 202.100.1.1. Please wait...
Oct 24 2019 10:56:57-08:00 R2 %%01SSH/4/SAVE_PUBLICKEY(l)[1]:When deciding whether to save the server's public key 202.100.1.1, the user chose Y.
[R2]
Enter password: //输入密码
<R1> //验证成功