配置SSH:张超--南北方

公告

配置SSH:张超

Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip do lo
Router(config)#line con 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#ho R1
R1(config)#inter e1/0
R1(config-if)#ip add 172.16.18.101 255.255.0.0
R1(config-if)#no shut
R1(config-if)#inter e0/0
R1(config-if)#ip add 192.168.1.1 255.255.255.0
R1(config-if)#no shut
R1(config-if)#exi
R1(config)#ip domain-name norvel.com.cn
R1(config)#crypto key generate rsa
The name for the keys will be: R1.norvel.com.cn
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]:
% Generating 512 bit RSA keys ...[OK]

R1(config)#end

R1#show crypto key mypubkey rsa
% Key pair was generated at: 00:03:17 UTC Mar 1 1993
Key name: R1.norvel.com.cn
Usage: General Purpose Key
Key is not exportable.
Key Data:
305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00BF5E71 01BAE058
E6DC0834 857607F0 21B191CE BBF3567D E3C00706 84996AF6 DA95D5EE 4E693BCE
A879489D 43B1140B 212774F5 9B7F4B8A B5809A89 53F4E154 7B020301 0001
% Key pair was generated at: 00:03:18 UTC Mar 1 1993
Key name: R1.norvel.com.cn.server
Usage: Encryption Key
Key is not exportable.
Key Data:
307C300D 06092A86 4886F70D 01010105 00036B00 30680261 00CB06F4 AEE0607E
2BE0E349 85AA8860 F667A746 E22893E1 57585660 DAD6A0FE 5705E6E1 E648829C
26BC14E8 68153031 A1486E5A 1C17713D 91481CE4 EDB005A5 9E95698F F943B6E6
79D44D7D D88B693F C56E333E C20A0FFD 946C63AD 23C98727 BB020301 0001

R1(config)#line vty 0 4
R1(config-line)#transport input ssh
R1(config-line)#login local
R1(config-line)#exi
R1(config)#username cisco password cisco

R1#debug ip ssh
Incoming SSH debugging is on
R1#
*Mar 1 00:12:11.279: SSH0: Session terminated normally
R1#
*Mar 1 00:12:13.747: SSH0: starting SSH control process
*Mar 1 00:12:13.751: SSH0: sent protocol version id SSH-1.5-Cisco-1.25
*Mar 1 00:12:14.071: SSH0: protocol version id is - SSH-1.5-Cisco-1.25
*Mar 1 00:12:14.075: SSH0: SSH_SMSG_PUBLIC_KEY msg
*Mar 1 00:12:14.559: SSH0: SSH_CMSG_SESSION_KEY msg - length 112, type 0x03
*Mar 1 00:12:14.563: SSH: RSA decrypt started
*Mar 1 00:12:14.695: SSH: RSA decrypt finished
*Mar 1 00:12:14.695: SSH: RSA decrypt started
*Mar 1 00:12:14.839: SSH: RSA decrypt finished
*Mar 1 00:12:14.839: SSH0: sending encryption confirmation
*Mar 1 00:12:14.839: SSH0: keys exchanged and encryption on
R1#
*Mar 1 00:12:14.847: SSH0: SSH_CMSG_USER message received
*Mar 1 00:12:14.847: SSH0: authentication request for userid cisco
*Mar 1 00:12:14.851: SSH0: SSH_SMSG_FAILURE message sent
R1#
*Mar 1 00:12:17.887: SSH0: SSH_CMSG_AUTH_PASSWORD message received
*Mar 1 00:12:17.895: SSH0: authentication successful for cisco
*Mar 1 00:12:17.995: SSH0: requesting TTY
*Mar 1 00:12:17.995: SSH0: setting TTY - requested: length 24, width 80; set: length 24, width 80
*Mar 1 00:12:18.231: SSH0: SSH_CMSG_EXEC_SHELL message received
*Mar 1 00:12:18.235: SSH0: starting shell for vty

Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip do lo
Router(config)#line con 0
Router(config-line)#no exec-t
Router(config-line)#logg s
Router(config-line)#ho R2
R2(config)#inte e1/0
R2(config-if)#ip add 172.16.18.102 255.255.0.0
R2(config-if)#no shut
R2(config-if)#inter e0/0
R2(config-if)#inter e0/0
R2(config-if)#ip add 192.168.1.2 255.255.255.0
R2(config-if)#no shut
R2(config-if)#end
R2#ssh -l cisco 192.168.1.1
Password:
R1>exi