【Enable SSH login access on the switch】
Configure the supported protocol type, authentication mode and user level for the VTY user interfaces.
[HUAWEI] user-interface vty 0 4
[HUAWEI-ui-vty0-4] authentication-mode aaa //Set the VTY user interface authentication mode to AAA
[HUAWEI-ui-vty0-4] protocol inbound ssh //Set the protocol supported by the VTY user interface to SSH
[HUAWEI-ui-vty0-4] user privilege level 15 //Set the VTY user interface level to 15
[HUAWEI-ui-vty0-4] quit
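Enable the STelnet server function and create an SSH user.
[HUAWEI] stelnet server enable //Enable the STelnet server function on the device
[HUAWEI] ssh user admin //Create the SSH user admin
[HUAWEI] ssh user admin service-type stelnet //Set the SSH user's service type to STelnet
Configure the SSH user authentication type.
# Set the SSH user authentication type to password (the other option is RSA, DSA or ECC authentication, that is, passwordless login, which is not commonly used)
[HUAWEI] ssh user admin authentication-type password //Set the SSH user authentication type to password
[HUAWEI] aaa
[HUAWEI-aaa] local-user admin privilege level 15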
[HUAWEI-aaa] local-user admin service-type ssh
[HUAWEI-aaa] local-user admin password irreversible-cipher abcd@123 //Set the password
[HUAWEI-aaa] quit
[HUAWEI]ssh server-source all
【Disable the password change prompt at first login on the switch】
<HUAWEI> system-view
[HUAWEI] aaa
[HUAWEI-aaa] local-aaa-user password policy administrator
[HUAWEI-aaa-lupp-admin] undo password alert original
View the configuration:
[HUAWEI]user-interface vty 0 4
[HUAWEI-ui-vty0-4]dis this
#
user-interface con 0
authentication-mode password
set authentication password cipher $1234354678qwertyasdfgh^YHN$RFVasdfgh
user-interface vty 0 4
authentication-mode aaa
user privilege level 15
protocol inbound all
user-interface vty 16 20
#
return
[HUAWEI-ui-vty0-4]
[HUAWEI]dis this
#
stelnet server enable
ssh user admin
ssh user admin authentication-type password
ssh user admin service-type stelnet
ssh server-source all-interface
ssh server cipher aes256_ctr aes128_ctr
ssh server hmac sha2_256
ssh server key-exchange dh_group16_sha512 dh_group15_sha512 dh_group14_sha256 dh_group_exchange_sha256
ssh client cipher aes256_ctr aes128_ctr
ssh client hmac sha2_256
ssh client key-exchange dh_group16_sha512 dh_group15_sha512 dh_group14_sha256 dh_group_exchange_sha256
ssh server dh-exchange min-len 2048
ssh server publickey rsa_sha2_512 rsa_sha2_256
#
return
[HUAWEI]
[HUAWEI-aaa]dis this
#
aaa
authentication-scheme default
authentication-mode local
authentication-scheme radius
authentication-mode radius
authorization-scheme default
authorization-mode local
accounting-scheme default
accounting-mode none
local-aaa-user password policy administrator
password history record number 0
password expire 0
domain default
authentication-scheme radius
accounting-scheme default
radius-server default
domain default_admin
authentication-scheme default
accounting-scheme default
local-user admin password irreversible-cipher $!@#$%ASDFASDFasdfwert$
local-user admin privilege level 15
local-user admin service-type terminal ssh http
#
return
[HUAWEI-aaa]
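
As an added example (not part of the original page and not Huawei tooling), the Python script below checks saved "dis this" output against the settings this page configures: VTY lines using AAA and accepting only SSH, STelnet enabled, and the DH minimum length of 2048 shown in the output. The sample text is constructed from the output above, and `vty_sections` and `audit` are hypothetical helper names.

```python
import re

# Constructed sample modelled on the "dis this" output above (secrets omitted).
SAMPLE = """\
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
 authentication-mode aaa
 user privilege level 15
 protocol inbound all
user-interface vty 16 20
#
stelnet server enable
ssh server dh-exchange min-len 2048
"""

def vty_sections(text):
    """Map each 'user-interface vty ...' header to the commands listed under it."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("user-interface "):
            current = line if line.startswith("user-interface vty") else None
            if current:
                sections[current] = []
        elif line in ("#", "return", ""):
            current = None
        elif current:
            sections[current].append(line)
    return sections

def audit(text):
    """Return findings where the text departs from the settings this page configures."""
    findings = []
    for header, cmds in vty_sections(text).items():
        if not cmds:
            continue  # header with no explicit commands, nothing to compare
        if "authentication-mode aaa" not in cmds:
            findings.append(f"{header}: authentication-mode is not aaa")
        inbound = " ".join(c.split()[-1] for c in cmds if c.startswith("protocol inbound"))
        if inbound != "ssh":
            findings.append(f"{header}: protocol inbound is {inbound or 'unset'}, expected ssh")
    if "stelnet server enable" not in [l.strip() for l in text.splitlines()]:
        findings.append("stelnet server is not enabled")
    m = re.search(r"^\s*ssh server dh-exchange min-len (\d+)", text, re.M)
    if m is None or int(m.group(1)) < 2048:  # 2048 is the value shown on this page
        findings.append("ssh server dh-exchange min-len is unset or below 2048")
    return findings
```

Run on the sample, `audit(SAMPLE)` reports the `protocol inbound all` line under `vty 0 4`, which differs from the `protocol inbound ssh` step at the top of the page.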