1、拓扑图
最终实现通过AR1 来SSH登陆到AR2 上
2、配置AR2为开启SSH服务
Please press enter to start cmd line!
##############
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]int
[Huawei]interface g
[Huawei]interface GigabitEthernet 0/0/0
[Huawei-GigabitEthernet0/0/0]ip addr
[Huawei-GigabitEthernet0/0/0]ip address 12.1.1.2 24
[Huawei-GigabitEthernet0/0/0]
Dec 8 2017 22:12:30-08:00 Huawei %%01IFNET/4/LINK_STATE(l)[1]:The line protocol
IP on the interface GigabitEthernet0/0/0 has entered the UP state.
[Huawei-GigabitEthernet0/0/0]q
[Huawei]stel
[Huawei]stelnet ser
[Huawei]stelnet server en
[Huawei]stelnet server enable
Info: Succeeded in starting the STELNET server.
[Huawei]rsa ?
local-key-pair Local RSA public key pair operations
peer-public-key Remote peer RSA public key configuration.
[Huawei]rsa loc
[Huawei]rsa local-key-pair ?
create Create new local public key pairs
destroy Destroy the local public key pairs
[Huawei]rsa local-key-pair cre
[Huawei]rsa local-key-pair create
The key name will be: Host
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:1024
Generating keys...
........................++++++
.........++++++
............++++++++
...............++++++++
[Huawei]aaa
[Huawei-aaa]loc
[Huawei-aaa]local-user user-ssh pass
[Huawei-aaa]local-user user-ssh password ci
[Huawei-aaa]local-user user-ssh password cipher huawei
Info: Add a new user.
[Huawei-aaa]loc
[Huawei-aaa]local-user user-ssh pri
[Huawei-aaa]local-user user-ssh privilege level
[Huawei-aaa]local-user user-ssh privilege level 2
[Huawei-aaa]loc
[Huawei-aaa]local-user user
[Huawei-aaa]local-user user-ssh serv
[Huawei-aaa]local-user user-ssh service-type ssh
[Huawei-aaa]q
[Huawei]user-in
[Huawei]user-interface vty
[Huawei]user-interface vty 0
[Huawei]user-interface vty 0 4
[Huawei]user-interface vty 0 4
[Huawei-ui-vty0-4]aut
[Huawei-ui-vty0-4]authentication-mode aaa
[Huawei-ui-vty0-4]pro
[Huawei-ui-vty0-4]protocol ?
inbound Incoming protocol
[Huawei-ui-vty0-4]protocol in
[Huawei-ui-vty0-4]protocol inbound ssh
[Huawei-ui-vty0-4]q
[Huawei]ssh user
[Huawei]ssh user user
[Huawei]ssh user user-
[Huawei]ssh user user-ssh au
[Huawei]ssh user user-ssh authentication-type ?
all All authentication, password or RSA
password Password authentication
password-rsa Both password and RSA
rsa RSA authentication
[Huawei]ssh user user-ssh authentication-type all
Authentication type setted, and will be in effect next time
[Huawei]sysnan
[Huawei]sysna
[Huawei]sysname AR@
[AR@]sysname AR@
[AR@]sysname AR2
[AR2]
3、AR1作为SSH客户端接连AR2测试
Please press enter to start cmd line!
##########################
<Huawei>
Dec 8 2017 22:11:25-08:00 Huawei %%01IFPDT/4/IF_STATE(l)[0]:Interface GigabitEt
hernet0/0/0 has turned into UP state.
<Huawei>
Please check whether system data has been changed, and save data in time
Configuration console time out, please press any key to log on
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname AR1
[AR1]int
[AR1]interface g
[AR1]interface GigabitEthernet 0/0/0
[AR1-GigabitEthernet0/0/0]ip address 12.1.1.1 24
[AR1-GigabitEthernet0/0/0]
Dec 8 2017 22:20:08-08:00 AR1 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
on the interface GigabitEthernet0/0/0 has entered the UP state.
[AR1-GigabitEthernet0/0/0]q
[AR1]ping 12.1.1.2
PING 12.1.1.2: 56 data bytes, press CTRL_C to break
Reply from 12.1.1.2: bytes=56 Sequence=1 ttl=255 time=160 ms
Reply from 12.1.1.2: bytes=56 Sequence=2 ttl=255 time=50 ms
Reply from 12.1.1.2: bytes=56 Sequence=3 ttl=255 time=20 ms
Reply from 12.1.1.2: bytes=56 Sequence=4 ttl=255 time=20 ms
Reply from 12.1.1.2: bytes=56 Sequence=5 ttl=255 time=30 ms
--- 12.1.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/56/160 ms
[AR1]ssh 12.1.1.2
^
Error: Unrecognized command found at '^' position.
[AR1]ssh
[AR1]ssh ?
client Set SSH client attribute
server Specify the server attribute
user SSH user
[AR1]ssh ssh
[AR1]ssh clei
[AR1]ssh clien
[AR1]ssh client ?
STRING<1-64> Specify SSH server IP address or name
first-time Set SSH client attribute of authenticating user for the first
time access.
[AR1]ssh client fri
[AR1]ssh client fir
[AR1]ssh client first-time
^
Error:Incomplete command found at '^' position.
[AR1]ssh client first-time
^
Error:Incomplete command found at '^' position.
[AR1]ssh client first-time ?
enable Enable authentication for first time access.
[AR1]ssh client first-time en
[AR1]ssh client first-time enable
[AR1]ssh
[AR1]ssh ?
client Set SSH client attribute
server Specify the server attribute
user SSH user
[AR1]ste
[AR1]stelnet ?
STRING<1-255> IP address or host name of a remote system
-a Set the source IP address of SSH packets
server Set Stelnet server
[AR1]stelnet 12.1.1.2
Please input the username:user-ssh
Trying 12.1.1.2 ...
Press CTRL+K to abort
Connected to 12.1.1.2 ...
The server is not authenticated. Continue to access it? (y/n)[n]:y
Dec 8 2017 22:23:15-08:00 AR1 %%01SSH/4/CONTINUE_KEYEXCHANGE(l)[1]:The server h
ad not been authenticated in the process of exchanging keys. When deciding wheth
er to continue, the user chose Y.
[AR1]
Save the server's public key? (y/n)[n]:y
The server's public key will be saved with the name 12.1.1.2. Please wait...
Dec 8 2017 22:23:21-08:00 AR1 %%01SSH/4/SAVE_PUBLICKEY(l)[2]:When deciding whet
her to save the server's public key 12.1.1.2, the user chose Y.
[AR1]
Enter password:
<AR2>dis ip in
<AR2>dis ip interface bri
<AR2>dis ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 2
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 2
The number of interface that is DOWN in Protocol is 2
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.1.1.2/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
NULL0 unassigned up up(s)
<AR2>