通过交换机ssh协议远程其他设备

拓扑

实验设备型号

AR2220两台

配置思路

SW1主要配置

[SW1-aaa]local-user ssh-test password cipher ssh@123
[SW1-aaa]local-user ssh-test privilege level 3
[SW1-aaa]local-user ssh-test service-type ssh terminal
[SW1]stelnet server enable
[SW1]ssh user ssh-test authentication-type password
[SW1]ssh user ssh-test service-type stelnet
[SW1]ssh client first-time enable
[SW1]user-interface vty 0 4 
[SW1-ui-vty0-4]authentication-mode aaa
[SW1-ui-vty0-4]user privilege level 3
[SW1-ui-vty0-4]protocol inbound ssh 

SW2主要配置

#
[SW2]ssh client first-time enable 
[SW2]stelnet 192.168.1.1
[SW2]stelnet 192.168.1.1
Please input the username:ssh-test
Trying 192.168.1.1 ...
Press CTRL+K to abort
Connected to 192.168.1.1 ...
Enter password:ssh@123
#

SW1配置脚本

<SW1>display current-configuration 

#
 sysname SW1
#
aaa 

 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
 local-user ssh-test password cipher %$%$*u.X'+(IMCnBCY'o5/<C>*T0%$%$
 local-user ssh-test privilege level 3
 local-user ssh-test service-type terminal ssh

#
interface GigabitEthernet0/0/0
 description to_SW2_G0/0/0
 ip address 192.168.1.1 255.255.255.252 
#
 ssh client first-time enable 
 stelnet server enable 
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
 authentication-mode aaa
 user privilege level 3
 protocol inbound ssh
user-interface vty 16 20
#
return

SW2配置脚本

<SW2>display current-configuration 
#
 sysname SW2
#
interface GigabitEthernet0/0/0
 description to_SW1_G0/0/0
 ip address 192.168.1.2 255.255.255.252 
# 
 ssh client first-time enable 
#
return

配置说明1

#
aaa	#进入aaa视图
 local-user ssh-test password simple ssh123	#创建用户ssh-test，密码（明码）ssh123
 local-user ssh-test privilege level 15	#调整用户ssh-test权限等级15
 local-user ssh-test service-type ssh terminal	#调整用户ssh-test支持的服务为ssh和终端
#
stelnet server enable		#开启ssh服务
ssh user ssh-test	#将用户ssh-test添加到ssh服务
ssh user ssh-test authentication-type password	#调整ssh-test认证模式为密码
ssh user ssh-test service-type stelnet 	#将ssh用户ssh-test的服务调整为stelnet协议
ssh client first-time enable	#开启ssh客户端首次认证
#
user-interface vty 0 4	#进入虚拟通道0至4
 authentication-mode aaa	#认证模式为aaa
 user privilege level 15	#用户权限等级15
 protocol inbound ssh	#入方向协议为ssh
#
return

配置配置说明2

ssh client first-time enable	#开启ssh客户端首次认证
stelnet 192.168.1.1    #远程登录目标设备
Please input the username:ssh-test    #输入用户名
Enter password:    #输入密码