配置华为防火墙SSH连接
Posted 正在努力中的杨Sir
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了配置华为防火墙SSH连接相关的知识,希望对你有一定的参考价值。
命令配置防火墙SSH连接:
[FW1]rsa local-key-pair create //产生密钥对相当于启用SSH
The key name will be: FW1_Host
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
it will take a few minutes.
Input the bits in the modulus[default = 2048]: //直接回车
Generating keys...
..+++++
........................++
....++++
...........++
[FW1]int g1/0/0
[FW1-GigabitEthernet1/0/0]service-manage ssh permit
[FW1-GigabitEthernet1/0/0]quit
[FW1]user-interface vty 0 4
[FW1-ui-vty0-4]dis this
#
user-interface con 0
authentication-mode password
set authentication password cipher $1a$W8)0/(XE8+$&jfQ#8TQ%Bt'2D3/cp"!@8>|Hrw]i
6\\/N9A,z~zM$
user-interface vty 0 4
authentication-mode aaa
protocol inbound ssh
user-interface vty 16 20
#
return
[FW1-ui-vty0-4]quit
[FW1]aaa //配置AAA认证
[FW1-aaa]manager-user yangqi //配置用户名
[FW1-aaa-manager-user-yangqi]password cipher Yangqi123 //配置密码
[FW1-aaa-manager-user-yangqi]level 15 //配置权限等级
[FW1-aaa-manager-user-yangqi]service-type ssh //配置应用服务
[FW1-aaa-manager-user-yangqi]quit //退出
[FW1-aaa]quit //退出
[FW1]stelnet server enable //开启SSH服务
[FW1]ssh user yangqi
[FW1]ssh user yangqi authentication-type password
[FW1]ssh user yangqi service-type stelnet
[FW1]
[R1]ssh client first-time enable
[R1]stelnet 192.168.1.2
Please input the username:yangqi
Trying 192.168.1.2 ...
Press CTRL+K to abort
Connected to 192.168.1.2 ...
The server is not authenticated. Continue to access it? (y/n)[n]:y
Save the server's public key? (y/n)[n]:y
The server's public key will be saved with the name 192.168.1.2. Please wait...
Enter password:
The password needs to be changed. Change now? [Y/N]: y
Please enter old password:
Please enter new password:
Please confirm new password:
Info: The connection was closed by the remote host.
[R1]stelnet 192.168.1.2
Please input the username:yangqi
Trying 192.168.1.2 ...
Press CTRL+K to abort
Connected to 192.168.1.2 ...
Enter password:
*************************************************************************
* Copyright (C) 2014-2015 Huawei Technologies Co., Ltd. *
* All rights reserved. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
*************************************************************************
Info: The max number of VTY users is 10, and the number
of current VTY users on line is 2.
The current login time is 2021-07-11 08:40:29+00:00.
<FW1>dis users
User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
0 CON 0 00:09:41 pass no
Username : Unspecified
34 VTY 0 00:00:00 SSH 192.168.1.1 pass no
Username : yangqi
+ 35 VTY 1 00:00:00 SSH 192.168.1.1 pass no
Username : yangqi
<FW1>
以上是关于配置华为防火墙SSH连接的主要内容,如果未能解决你的问题,请参考以下文章