Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Today I would like to focus on SSH application. What I want to do is to configure SSH
connection between two switches, using password and RSA authentication:
#
sysname SSH_client
#
vlan batch 100
#
interface Vlanif100
ip address 10.0.0.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port hybrid tagged vlan 100
#
sysname SSH_server
#
vlan batch 100
#
interface Vlanif100
ip address 10.0.0.2 255.255.255.0
#
interface GigabitEthernet0/0/1
port hybrid tagged vlan 100
Create an SSH user named labnario_pass and configure the authentication mode as password
for the user:
Create an SSH user named labnario_rsa and configure the authentication mode as RSA for the
user:
Send the RSA public key, generated on the client, to the server:
=====================================================
Time of Key pair created: 12:14:00 2013/3/4
Key name: SSH_client_Host
Key type: RSA encryption Key
=====================================================
Key code:
3047
0240
E3A7DD2A 41619DB8 87C393E6 37F8EC7F FE3CCC99
648127E9 5CB55853 682B6769 6A1A29AC F14C4B6C
BB42D341 FFACE436 72629F6D 83BA629D 820EB648
FED5D523
0203
010001
...
[SSH_server]rsa peer-public-key labnario
Enter "RSA public key" view, return system view with "peer-public-key end".
[SSH_server-rsa-public-key]public-key-code begin
Enter "RSA key code" view, return last view with "public-key-code end".
[SSH_server-rsa-key-code]3047
[SSH_server-rsa-key-code] 0240
[SSH_server-rsa-key-code] E3A7DD2A 41619DB8 87C393E6 37F8EC7F FE3CCC99
[SSH_server-rsa-key-code] 648127E9 5CB55853 682B6769 6A1A29AC F14C4B6C
[SSH_server-rsa-key-code] BB42D341 FFACE436 72629F6D 83BA629D 820EB648
[SSH_server-rsa-key-code] FED5D523
[SSH_server-rsa-key-code] 0203
[SSH_server-rsa-key-code] 010001
[SSH_server-rsa-key-code]public-key-code end
[SSH_server-rsa-public-key]peer-public-key end
Bind the RSA public key of the SSH_client to labnario_rsa on the SSH_server:
You must enable the initial authentication on the SSH_client for the first login:
[SSH_client]stelnet 10.0.0.2
Please input the username:labnario_pass
Trying 10.0.0.2 ...
Press CTRL+K to abort
Connected to 10.0.0.2 ...
The server is not authenticated. Continue to access it? [Y/N] :y
Save the server's public key? [Y/N] :y
The server's public key will be saved with the name 10.0.0.2. Please wait...
Enter password:
Info: The max number of VTY users is 5, and the number
of current VTY users on line is 1.
The current login time is 2013-03-04 12:22:52.
<SSH_server>
[SSH_client]stelnet 10.0.0.2
Please input the username:labnario_rsa
Trying 10.0.0.2 ...
Press CTRL+K to abort
Connected to 10.0.0.2 ...
Info: The max number of VTY users is 5, and the number
of current VTY users on line is 1.
The current login time is 2013-03-04 12:23:10.
<SSH_server>
To use SFTP to connect to SSH_server just add the following configuration to SSH_server:
[SSH_client]sftp 10.0.0.2
Please input the username:labnario_pass
Trying 10.0.0.2 ...
Press CTRL+K to abort
Connected to 10.0.0.2 ...
Enter password:
<sftp-client>dir
drwxrwxrwx 1 noone nogroup 0 Mar 04 12:04 src
drwxrwxrwx 1 noone nogroup 0 Mar 04 12:05 compatible
-rwxrwxrwx 1 noone nogroup 890 Mar 04 12:23 vrpcfg.zip
<sftp-client>quit
Bye
[SSH_client]
[SSH_client]
[SSH_client]sftp 10.0.0.2
Please input the username:labnario_rsa
Trying 10.0.0.2 ...
Press CTRL+K to abort
Connected to 10.0.0.2 ...
<sftp-client>dir
drwxrwxrwx 1 noone nogroup 0 Mar 04 12:04 src
drwxrwxrwx 1 noone nogroup 0 Mar 04 12:05 compatible
-rwxrwxrwx 1 noone nogroup 890 Mar 04 12:23 vrpcfg.zip
<sftp-client>quit
Bye