Typical configuration for secure remote access or file management using the SSH (Secure shell, security shell) feature

Source: Internet
Author: User
Tags ssh server

Configuration of the Stelnet server

# Generate RSA key pair

[DEVICEB] Public-key Local create RSA

# Generate DSA Key pair

[DEVICEB] Public-key Local Create DSA

#使能SSH服务器功能

[DEVICEB] SSH server enable

#配置接口ip地址

#设置stelnet客户端登陆用户界面的认证方式为scheme

[Deviceb]line vty 0 63

[Deviceb-line-vty0-63]authentication-mode Scheme

#创建本地用户client001, and set the password to plaintext AABBCC, the service type is SSH, and the user role is network-admin.

[Deviceb]local-user client001 class Manage

[deviceb-luser-manage-client001] Password simple AABBCC

[Deviceb-luser-manage-client001]service-type SSH

[deviceb-luser-manage-client001] Authorization-attribute user-role network-admin

[Deviceb-luser-manage-client001]quit

# Displays server-side DSA public key content.

[DEVICEB] Display Public-key local DSA public



Configuration of the Stelnet client

# Configure the IP address of the interface GIGABITETHERNET2/0/2 the client will connect to the Stelnet server through that address.

[Devicea] Interface gigabitethernet 2/0/2

[DEVICEA-GIGABITETHERNET2/0/2] IP address 192.168.1.56 255.255.255.0

[DEVICEA-GIGABITETHERNET2/0/2] Quit

# Specify the server-side host public key name Key1 and go to the public key view.

[Devicea] Public-key peer Key1

Enter public key view. Return to System view with "Peer-public-key end" command.

# The host public key is configured on the server side of the client (because the client defaults to the DSA host public key authentication server, so the public key content is displayed on the server side through the display Public-key local DSA publicly command.) )

[Devicea-pkey-public-key-key1] 308201b73082012c06072a8648ce3804013082011f02818100d757262c4584c44c211f18bd96e5f061c4f0a423f7fe6b6b85b34cef72ce14a0d3a5222 Fe08cece65be6c265854889dc1edbd13ec8b274da9f75ba26ccb987723602787e922ba84421f22c3c89cb9b06fd60fe01941ddd77fe6b12893da76eeb c1d128d97f0678d7722b5341c8506f358214b16a2fac4b368950387811c7da33021500c773218c737ec8ee993b4f2ded30f48edace915f02818100822 69009e14ec474baf2932e69d3b1f18517ad9594184ccdfceae96ec4d5ef93133e84b47093c52b20cd35d02492b3959ec6499625bc4fa5082e22c5b374 e16dd00132ce71b020217091ac717b612391c76c1fb2e88317c1bd8171d41ecb83e210c03cc9b32e810561c21621c73d6daac028f4b1585da7f425197 18cc9b09eef03818400028180077f06b3e343cae9988f4be3f76facbab565ab73d4ba295c52ba92428b1f2da1e6dd652413dd3afe0c5a4fcf365100cb e34ceca55a2c30a2a9ff7e899628557e39ce8fc615f53193a7e200b4b1cb21e3f1091d595716d229dded6872061f9b4b08301adc81f7ec1501ffb863c 0009536596ccb508596c3325892dc6d8c5c35b5

# Exit the public key view and save the public key entered by the user.

[Devicea-pkey-public-key-key1] Peer-public-key End

[Devicea] Return


Verifying the configuration

# Establish an SSH connection to the server 192.168.1.40 and specify the server-side host public key Key1. After you enter the correct user name and password, you can successfully log on to device B and the user role is network-admin.

<DeviceA> ssh2 192.168.1.40 PublicKey key1

Login as:client001

[email protected] ' s password:

******************************************************************************

* Copyright (c) 2004-2014 Hangzhou h3c Tech. Co., Ltd.  All rights reserved. *

* Without the owner ' s prior written consent, *

* No decompiling or reverse-engineering shall be allowed. *

******************************************************************************

<DeviceB>


Exiting the SSH service

[Devicea]undo SSH server enable


This article is from the "Zhao Ding Keystone" blog, be sure to keep this source http://zddkeystone.blog.51cto.com/10388617/1664172

Typical configuration for secure remote access or file management using the SSH (Secure shell, security shell) feature

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.