公告

我的分类(专题)

日志更新

最新评论

留言板

链接

Blog信息

ISCW实验34:配置SSH
suyajuncn11 发表于 2008-6-30 21:47:46

 

实验过程:
第一步  R1、R2的预配置
R1(config)#int f0/0
R1(config-if)#ip add 172.16.0.1 255.255.255.0
R1(config-if)#no sh
R1(config-if)#exit

R2(config)#int f0/0
R2(config-if)#ip add 172.16.0.2 255.255.255.0
R2(config-if)#no sh
R2(config-if)#exit

第二步  配置R1的SSH
R1(config)#ip domain-name norvel.com.cn
//  配置R1的domain-name
R1(config)#username norvel password norvel
//  配置SSH登陆的用户名和密码
R1(config)#crypto key generate rsa
//  生成公/密钥
The name for the keys will be: R1.norvel.com.cn
Choose the size of the key modulus in the range of 360 to 2048 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.

How many bits in the modulus [512]:
% Generating 512 bit RSA keys ...[OK]

R1(config)#end
R1#show crypto key mypubkey rsa
//  查看生成的公密钥
% Key pair was generated at: 00:02:52 UTC Mar 1 1993
Key name: R1.norvel.com.cn
 Usage: General Purpose Key
 Key is not exportable.
 Key Data:
  305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00C1C7B4 0454D1CE
  D082EBDA D41F9146 1BECC50A D47B1551 0E7FF325 7D10D10F A08E1932 4920650F
  C708A3FD 1656E68C 94A3E8A0 B8F8327A 579DDD8A C7AA788D E9020301 0001
% Key pair was generated at: 00:02:52 UTC Mar 1 1993
Key name: R1.norvel.com.cn.server
 Usage: Encryption Key
 Key is not exportable.
 Key Data:
  307C300D 06092A86 4886F70D 01010105 00036B00 30680261 00AD9339 5B8333ED
  A4B5E053 52AF0F0F 5326B0CC 514BCBAC 430A91EC E70DC124 61CC300C F67C1094
  916B72D9 26EE03EF 9777FCB4 49A08E00 959824E9 8546C806 84F1F3FC D17005EC
  914B4B3E C455DF44 7D99C30E 3781F384 83D890CB 42732BB1 C5020301 0001
R1#conf t
R1(config)#lin vty 0 4
R1(config-line)#transport input ssh
//  配置允许SSH登陆
R1(config-line)#login local
R1(config-line)#end

第三步  在R2上使用SSH进行登陆到R1
R2#ssh -l cisco 172.16.0.1

Password:
//  输入在R1上配置好的用户名与密码

R1>

第四步  同时在R1上进行调试
R1#debug ip ssh
Incoming SSH debugging is on
R1#
*Mar  1 00:04:48.215: SSH0: starting SSH control process
*Mar  1 00:04:48.215: SSH0: sent protocol version id SSH-1.5-Cisco-1.25
*Mar  1 00:04:48.275: SSH0: protocol version id is - SSH-1.5-Cisco-1.25
*Mar  1 00:04:48.275: SSH0: SSH_SMSG_PUBLIC_KEY msg
*Mar  1 00:04:48.311: SSH0: SSH_CMSG_SESSION_KEY msg - length 112, type 0x03
*Mar  1 00:04:48.311: SSH: RSA decrypt started
*Mar  1 00:04:48.383: SSH: RSA decrypt finished
*Mar  1 00:04:48.383: SSH: RSA decrypt started
*Mar  1 00:04:48.415: SSH: RSA decrypt finished
*Mar  1 00:04:48.415: SSH0: sending encryption confirmation
*Mar  1 00:04:48.419: SSH0: keys exchanged and encryption on
R1#
*Mar  1 00:04:48.443: SSH0: SSH_CMSG_USER message received
*Mar  1 00:04:48.447: SSH0: authentication request for userid cisco
*Mar  1 00:04:48.447: SSH0: SSH_SMSG_FAILURE message sent
R1#
*Mar  1 00:04:50.275: SSH0: SSH_CMSG_AUTH_PASSWORD message received
*Mar  1 00:04:50.279: SSH0: authentication successful for cisco
*Mar  1 00:04:50.391: SSH0: requesting TTY
*Mar  1 00:04:50.391: SSH0: setting TTY - requested: length 24, width 80; set: length 24, width 80
*Mar  1 00:04:50.431: SSH0: SSH_CMSG_EXEC_SHELL message received
*Mar  1 00:04:50.431: SSH0: starting shell for vty
R1#


阅读全文 | 回复(0) | 引用通告 | 编辑
 


发表评论:

    昵称:
    密码:
    主页:
    标题:


Powered by Oblog.