ssh配置登陆网络设备,拓扑如下:
R1配置
R1>enable
R1#conf t
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 10.33.10.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#aaa new-model
R1(config)#ip domain-name cisco.com
R1(config)#username cisco password cisco
R1(config)#crypto key generate rsa modulus 2048
The name for the keys will be: R1.cisco.com
% The key modulus size is 2048 bits
% Generating 2048 bit RSA keys, keys will be non-exportable...[OK]
R1(config)#line vty 0 15
R1(config-line)#transport input ssh
R1(config-line)#exit
至此R1的ssh配置配完可以正常使用
R4配置:
R4>enable
R4#conf t
R4(config)#interface fastEthernet 0/0
R4(config-if)#ip address 10.33.10.2 255.255.255.0
R4(config-if)#no shutdown
R4(config-if)#exit
R4(config)#exit
R4#ping 10.33.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.33.10.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 24/31/40 ms
R4#telnet 10.33.10.1
Trying 10.33.10.1 ...
% Connection refused by remote host
R4#ssh -l cisco 10.33.10.1
Password:
R1>en
% Error in authentication.
R1>show
(此时发现R4虽然ssh登陆上了R1但是并不能进特权模式,因为R1上的enable password还没配置
R1(config)#enab
R1(config)#enable pass
R1(config)#enable password cisco
R4#ssh -l cisco 10.33.10.1
Password:
R1>enable
Password:
R1#
此时R4可以完全ssh进入R1了
注解:在R4上登陆的时候别犯小错误了,一定要用-l参数 并后跟用户名,ssh格式如此:ssh -l 用户名 IP地址
如果你这样操作就会出现错误提示:
R4#ssh 10.33.10.1
% No user specified nor available for SSH client
R4#
到此为止吧!
