Configuring Secure Shell on Cisco IOS Routers-1ApMqD6-ChinaUnix博客

linux乐园37673

首页　| 　博文目录　| 　关于我

1ApMqD6

博客访问： 587193
博文数量： 805
博客积分： 4000
博客等级：上校
技术积分： 5000
用户组：普通用户
注册时间： 2008-10-17 14:22

文章分类

全部博文（805）

未分配的博文（805）

文章存档

2011年（1）

2008年（804）

我的朋友

最近访客

推荐博文

Configuring Secure Shell on Cisco IOS Routers

分类：

2008-10-17 14:38:00

　　Hardware and Software Versions
　　The information in this document is based on the software version below.
　　
　　 IOS 3600 Software (C3640-IK9S-M), Version 12.2(2)T1
　　
　　SSH was introduced into IOS platforms/images as shown below.
　　
　　SSH Version 1.0 (SSHv1) server was introduced in some IOS platforms/images starting in 12.0.5.S.
　　SSH client was introduced in some IOS platforms/images starting in 12.1.3.T.
　　SSH terminal-line access (also known as reverse-telnet) was introduced in some IOS platforms/images starting in 12.2.2.T.
　　[[The No.1 Picture.]]
　　Testing Authentication Without SSH:
　　!--- aaa new-model causes the local username/password on the router
　　!--- to be used in the absence of other aaa statements.
　　aaa new-model
　　username cisco password 0 cisco
　　line vty 0 4
　　!--- Instead of aaa new-model, the login local command may be used.ip domain-name rtp.cisco.com
　　!--- Generate an SSH key to be used with SSH.
　　
　　Testing Authentication With SSH:
　　cry key generate rsa
　　ip ssh time-out 60
　　ip ssh authentication-retries 2
　　
　　ip domain-name rtp.cisco.com
　　!--- Generate an SSH key to be used with SSH.
　　cry key generate rsa
　　ip ssh time-out 60
　　ip ssh authentication-retries 2
　　
　　line vty 0 4
　　!--- Prevent non-SSH telnets.
　　transport input ssh
　　ssh
　　!--- Step 1: Configure hostname if you have not previously done so.
　　hostname carter
　　!--- aaa new-model causes the local username/password on the router
　　!--- to be used in the absence of other AAA statements.
　　aaa new-model
　　username cisco password 0 cisco
　　!--- Step 2: Configure the router's DNS domain.
　　ip domain-name rtp.cisco.com
　　!--- Step 3: Generate an SSH key to be used with SSH.
　　cry key generate rsa
　　ip ssh time-out 60
　　ip ssh authentication-retries 2
　　!--- Step 4: By default the vtys' transport is Telnet. In this case,
　　!--- Telnet has been disabled and only SSH is supported.
　　line vty 0 4
　　transport input SSH
　　!--- Instead of aaa new-model, the login local command may be used.
　　测试ssh
　　ssh -l cisco -c 3des 10.13.1.99
　　Adding SSH Terminal-Line Access
　　ip ssh port 2001 rotary 1
　　line 1 16
　　no exec
　　rotary 1
　　transport input ssh
　　exec-timeout 0 0
　　modem In Out
　　Stopbits 1
　　
　　
　　
　　
　　
　　
　　
　　
　　

【责编:admin】

--------------------next---------------------

阅读(234) | 评论(0) | 转发(0) |

上一篇：实战手记之Native IOS 6509

下一篇：Catalys 3524 IOS恢复

给主人留下些什么吧！~~

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6