ENSP配置华为路由器配置SSH登陆-USB迷|专注于互联网分享

拓扑如图所示,R1作为SSH 客户端，R2作为SSH服务器

配置R1 接口IP地址
[R1]interface G0/0/0

[R1-GigabitEthernet0/0/0]IP address 192.168.12.1 24

配置R2 接口IP地址

[R2]interface G0/0/0

[R2-GigabitEthernet0/0/0]IP address 192.168.12.2 24

测试连通性

[R1]PING 192.168.12.2
PING 192.168.12.2: 56 data bytes, press CTRL_C to break
Reply from 192.168.12.2: bytes=56 Sequence=1 ttl=255 time=60 ms

R2全局开启SSH服务器

[R2]stelnet server enable

R2 VTY接口允许SSH协议，配置认证方式为AAA

[R2]user-interface vty 0 4

[R2-ui-vty0-4]protocol inbound all

[R2-ui-vty0-4]authentication-mode aaa

AAA模式下新建SSH用户，配置用户级别，服务类型

[R2-ui-vty0-4]authentication-mode aaa

[R2-aaa]local-user huawei password cipher huawei@123

[R2-aaa]local-user huawei privilege level 15

[R2-aaa]local-user huawei service-type ssh

全局模式下添加本地密钥对，密钥对大小值采用默认

[R2]rsa local-key-pair create

The range of public key size is (512 ~ 2048).

R1测试登陆前允许SSH客户端初次启用

[R1]ssh client first-time enable

R1登陆SSH，输入用户名，接收R2发送的公钥

[R1]stelnet 192.168.12.2

Please input the username:huawei

The server is not authenticated. Continue to access it? (y/n)[n]:y

Save the server's public key? (y/n)[n]:y

输入密码，登陆成功

[R1]
Enter password:
<R2>