目的:通过pc远程对路由器进行配置
(1)telnet协议
仿真实验:
R1(config)#username admin privilege 15 password admin //创建本地账号,授予15的特权级别
R1(config)#line vty 0 2 //进入虚拟终端线路,0-2表示同时允许三个会话,用于远程登录设备
R1(config-line)#login local //使用本地账号登录
验证:pc0可以进行远程控制路由器R1
华为:ensp的pc无发使用telnet所以两边都得是路由器
并且控制的路由器要处于 <huawei>模式下
[Huawei]user-interface vty 0 4
[Huawei-ui-vty0-4]authentication-mode password //密码模式
Please configure the login password (maximum length 16):123456 //密码
ssh:相较于telnet更先进安全一点
一定要先改路由器名(会提示要区别于其他路由器名字才能配置密钥对)
R2(config)#ip domain name abc.com //配置域名
R2(config)#username admin privilege 15 password admin //创建本地账号,并授权为特权级别15
R2(config)#crypto key generate rsa general-keys modulus 1024 //产生ssh密钥对,并启用ssh
R2(config)#line vty 0 4 //进入到虚拟终端线路 //0 4 代表最大同时4人
R2(config-line)#login local //采用本地账号进行验证
R2(config-line)#transport input ssh //虚拟终端的远程登录只允许ssh协议
注意:ssh -l(是L不是1) 后边是用户名加地址
华为:
被控制设备:
[Huawei]stelnet server enable
Info: Succeeded in starting the STELNET server.
[Huawei]rsa local-key-pair create
The key name will be: Host
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:1024
Generating keys...
.....................................++++++
...........++++++
...................................................++++++++
....++++++++
[Huawei]aaa
[Huawei-aaa]local-user user-ssh password cipher 123456
[Huawei-aaa]local-user user-ssh privilege level 2
[Huawei-aaa]local-user user-ssh service-type ssh
[Huawei]user-interface vty 0 4
[Huawei-ui-vty0-4]authentication-mode aaa
[Huawei-ui-vty0-4]protocol inbound ssh
[Huawei]ssh user user-ssh authentication-type all
控制设备
[Huawei]stelnet 10.1.1.2