配置单机远程ssh连接
实验环境如图
一台pc机、一台Cisco的switch;
Cisco配置命令如下
Switch>
Switch>enable //进入特权模式
Switch#configure terminal //切换全局配置模式
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#interface vlan 2 //创建并进入vlan 2
Switch(config-if)#ip address 192.168.75.5 255.255.255.0 //为vlan 2 配置管理ip地址
Switch(config-if)#no shutdown //启用vlan 2
Switch(config-if)#exit
Switch(config)#interface fastEthernet 0/1 //进入f0/1口
Switch(config-if)#switchport mode access //配置接口工作模式为access模式允许vlan通过
Switch(config-if)#switchport access vlan 2 //封装vlan 2
% Access VLAN does not exist. Creating vlan 2
Switch(config-if)#
%LINK-5-CHANGED: Interface Vlan2, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to up
Switch(config-if)#
Switch(config-if)#exit
Switch(config)#hostname test //配置交换机hostname
test(config)#ip ssh version 2 //启用v2版的ssh服务
Please create RSA keys (of at least 768 bits size) to enable SSH v2.
test(config)#
test(config)#ip domain-name test.com //配置交换机domain-name
test(config)#
test(config)#crypto key generate rsa //生成密钥
The name for the keys will be: test.test.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 1024 //设置密钥位数
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
test(config)#
*Mar 1 0:9:30.668: %SSH-5-ENABLED: SSH 2 has been enabled
test(config)#enable password admin //配置特权模式密码(secret密码为加密的,password为明文的)
test(config)#
test(config)#username admin secret admin //配置用户名和密码(secret密码为加密的,password为明文的)
test(config)#
test(config)#line vty 0 4 //进入管理线路vty 0 4
test(config-line)#
test(config-line)#transport input ssh //只允许ssh登录
test(config-line)#login local //使用本地数据库
test(config-line)#end
test#
%SYS-5-CONFIG_I: Configured from console by console
test#write //保存配置
Building configuration...
[OK]
test#