实验拓扑

实验需求

1. 按照图示搭建拓扑并配置IP地址

2. 在SSHserver上创建密钥

3. 在SSHserver上设置登录人数，验证方式以用户名密码登录，允许设备处理SSH协议

4. 在SSHserver上启用SSH协议

5. 在SSHserver上创建用户"yige"，密码“poiu123456"用来验证

6. 在设备c上通过SSH登录SSHserver

实验解析

1、配置IP地址

步骤1：配置SSHserver的IP地址

[SSHserver]int g0/0
[SSHserver-GigabitEthernet0/0]ip address 192.168.10.1 24

步骤2：配置c的IP地址

[C]int g0/0
[C-GigabitEthernet0/0]ip address 192.168.10.2 24

2、在SSHserver上创建密钥

[SSHserver]public-key local create dsa 
[SSHserver]public-key local create rsa 

3、在SSHserver上设置登录人数，验证方式以用户名密码登录，允许设备处理SSH协议

[SSHserver]line vty 0 63
[SSHserver-line-vty0-63]authentication-mode scheme
[SSHserver-line-vty0-63]protocol inbound ssh

4、在SSHserver上启用SSH协议

[SSHserver]ssh server enable 

5、在SSHserver上创建用户"yige"，密码“poiu123456"用来验证

[SSHserver]local-user yige
[SSHserver-luser-manage-yige]password simple poiu123456
[SSHserver-luser-manage-yige]authorization-attribute user-role network-admin 赋予权限
[SSHserver-luser-manage-yige]service-type ssh 服务类型为ssh

6、在设备c上通过SSH登录SSHserver

<C>ssh 192.168.10.1
Username: yige
Press CTRL+C to abort.
Connecting to 192.168.10.1 port 22.
The server is not authenticated. Continue? [Y/N]:y
Do you want to save the server public key? [Y/N]:y
yige@192.168.10.1's password: 
Enter a character ~ and a dot to abort.
​
******************************************************************************
* Copyright (c) 2004-2021 New H3C Technologies Co., Ltd. All rights reserved.*
* Without the owner's prior written consent,                                 *
* no decompiling or reverse-engineering shall be allowed.                    *
******************************************************************************
​
<SSHserver>