使用ssh协议访问cisco设备
版权声明:原创作品,允许转载,转载时请务必以超链接形式标明文章 原始出处 、作者信息和本声明。否则将追究法律责任。http://eric86.blog.51cto.com/115287/47596 |
SSH协议要在12.1(11)以上的IOS版本才被cisco设备支持的.查看IOS版本
Router#show version
Cisco IOS Software, 3600 Software (C3640-JS-M), Version 12.4(10), RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2006 by Cisco Systems, Inc. Compiled Wed 16-Aug-06 04:04 by prod_rel_team ROM: ROMMON Emulation Microcode
ROM: 3600 Software (C3640-JS-M), Version 12.4(10), RELEASE SOFTWARE (fc1) Router uptime is 11 minutes
System returned to ROM by unknown reload cause - suspect boot_data[BOOT_COUNT] 0x0, BOOT_COUNT 0, BOOTDATA 19 System restarted at 19:05:39 UTC Wed Oct 24 2007 System image file is "tftp://255.255.255.255/unknown" Cisco 3640 (R4700) processor (revision 0xFF) with 124928K/6144K bytes of memory. Processor board ID 00000000 R4700 CPU at 100MHz, Implementation 33, Rev 1.2 1 FastEthernet interface 4 Serial interfaces DRAM configuration is 64 bits wide with parity enabled. 125K bytes of NVRAM. 8192K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 下面开始正式配置SSH
ssh(config)#hostname ssh
ssh(config)#ip domain-name eric.com ssh(config)#aaa new-model ssh(config)#username eric86 password eric86 ssh(config)#crypto key generate rsa modulus 2048 The name for the keys will be: ssh.eric.com % The key modulus size is 2048 bits
% Generating 2048 bit RSA keys, keys will be non-exportable...[OK] ssh(config)#line vty 0 15 ssh(config-line)#transport input ssh ssh(config-line)#exit *Oct 24 19:26:06.595: %SSH-5-ENABLED: SSH 1.99 has been enabled 出于安全方面的原因,在对企业的cisco网络产品应该启用SSH并禁用TELNET.因为telnet是以明文方式传递口令的,而ssh不以明文方式传递口令,并且可以与radius和racacs+的方法一起使用.这样一来就可以大大的增加cisco设备的安全性.问题虽简单,但细节决定一切. 本文出自 “网络实验室” 博客,请务必保留此出处http://eric86.blog.51cto.com/115287/47596 本文出自 51CTO.COM技术博客 |
adonv
博客统计信息
热门文章
最新评论
友情链接
