Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
S1>en
S1#sh run
Building configuration...
S1#
S1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)#int vlan 1
S1(config-if)#ip add 192.168.1.1 255.255.255.0
S1(config-if)#no sh
S1(config-if)#
*Mar 1 00:33:54.002: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
*Mar 1 00:33:55.009: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1,
changed state to up
S1(config-if)#do sh version
Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(53)SE2,
RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Wed 21-Apr-10 05:52 by prod_rel_team
Image text-base: 0x00003000, data-base: 0x01500000
S1 uptime is 34 minutes
System returned to ROM by power-on
System image file is "flash:c2960-lanbasek9-mz.122-53.SE2/c2960-lanbasek9-mz.122-
53.SE2.bin"
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
S1(config-if)#dir
^
% Invalid input detected at '^' marker.
S1(config-if)#
S1(config-if)#exit
S1(config)#exit
S1#d
*Mar 1 00:36:26.398: %SYS-5-CONFIG_I: Configured from console by consoleir
Directory of flash:/
S1#erase c2960-lanbasek9-mz.150-2.SE11
^
% Invalid input detected at '^' marker.
S1#dir
Directory of flash:/
S1#cd ..
S1#dir
Directory of flash:/
S1 uptime is 47 minutes
System returned to ROM by power-on
System image file is "flash:c2960-lanbasek9-mz.122-53.SE2/c2960-lanbasek9-mz.122-
53.SE2.bin"
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
S1#copy tftp:c
S1#copy tftp:c2960-lanbasek9-mz.150-2.SE11.bin flash:
Address or name of remote host []? 192.168.1.1
Destination filename [c2960-lanbasek9-mz.150-2.SE11.bin]?
Accessing tftp://192.168.1.1/c2960-lanbasek9-mz.150-2.SE11.bin...
%Error opening tftp://192.168.1.1/c2960-lanbasek9-mz.150-2.SE11.bin (Timed out)
S1#
S1#
S1#
S1#
S1#
S1#copy tftp:c2960-lanbasek9-mz.150-2.SE11.bin flash:
Address or name of remote host [192.168.1.1]? 192.168.1.3
Source filename [c2960-lanbasek9-mz.150-2.SE11.bin]?
Destination filename [c2960-lanbasek9-mz.150-2.SE11.bin]?
Accessing tftp://192.168.1.3/c2960-lanbasek9-mz.150-2.SE11.bin...
Loading c2960-lanbasek9-mz.150-2.SE11.bin from 192.168.1.3 (via
Vlan1): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 11832946 bytes]
S1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)#boot system c2960-lanbasek9-mz.150-2.SE11.bin
S1(config)#exit
S1#
*Mar 1 00:57:20.964: %SYS-5-CONFIG_I: Configured from console by console
S1#sh version
Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(53)SE2,
RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Wed 21-Apr-10 05:52 by prod_rel_team
Image text-base: 0x00003000, data-base: 0x01500000
S1 uptime is 57 minutes
System returned to ROM by power-on
System image file is "flash:c2960-lanbasek9-mz.122-53.SE2/c2960-lanbasek9-mz.122-
53.SE2.bin"
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
S1#wr
Building configuration...
[OK]
S1#reload
Proceed with reload? [confirm]y
*Mar 1 00:57:51.717: %SYS-5-RELOAD: Reload requested by console. Reload reason:
Reload command
Boot Sector Filesystem (bs) installed, fsid: 2
Base ethernet MAC Address: 00:1c:0f:e6:39:80
Xmodem file system is available.
The password-recovery mechanism is enabled.
Initializing Flash...
flashfs[0]: 543 files, 19 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 32514048
flashfs[0]: Bytes used: 24128000
flashfs[0]: Bytes available: 8386048
flashfs[0]: flashfs fsck took 19 seconds.
...done Initializing Flash.
done.
Loading "c2960-lanbasek9-mz.150-2.SE11.bin"...c2960-lanbasek9-mz.150-2.SE11.bin: no
such device
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
S1>en
S1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)#ip ssh version 2
S1(config)#ip ssh logging
S1(config)#ip ssh logging ev
S1(config)#ip ssh logging events
S1(config)#ip ssh time
S1(config)#ip ssh time-out 60
S1(config)#ip ssh aut
S1(config)#ip ssh authentication-retries 5
S1(config)#username resi secret resish ip ssh
S1(config)#username resi secret resi
S1(config)#
*Mar 1 00:08:04.022: %SSH-5-SSH2_SESSION: SSH2 Session request from 192.168.1.3
(tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeededusername resi
secret resi
*Mar 1 00:09:11.987: %SSH-5-SSH2_USERAUTH: User 'resi' authentication for SSH2
Session from 192.168.1.3 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-
sha1' Failed
*Mar 1 00:09:11.987: %SSH-5-SSH2_CLOSE: SSH2 Session from 192.168.1.3 (tty = 0)
for user 'resi' using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' closed
*Mar 1 00:09:30.844: %SSH-5-SSH2_SESSION: SSH2 Session request from 192.168.1.3
(tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeeded
S1(config)#username resi secret resi
*Mar 1 00:10:26.066: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1,
changed state to down
*Mar 1 00:10:27.065: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/2, changed state to down
*Mar 1 00:10:29.078: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/2, changed state to up
S1(config)#ip ssh logging events
S1(config)#username resi secret resish ip ssh
*Mar 1 00:10:57.767: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1,
changed state to up
*Mar 1 00:11:00.225: %SSH-5-SSH2_USERAUTH: User 'resi' authentication for SSH2
Session from 192.168.1.3 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-
sha1' Failed
*Mar 1 00:11:00.225: %SSH-5-SSH2_CLOSE: SSH2 Session from 192.168.1.3 (tty = 0)
for user 'resi' using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' closed
S1(config)#ip ssh time-out 60
S1(config)#ip ssh authentication-retries 5
S1(config)#username resi
S1(config)#username resi secret resi
S1(config)# do wr
Building configuration...
[OK]
S1(config)#
*Mar 1 00:12:34.127: %SSH-5-SSH2_SESSION: SSH2 Session request from 192.168.1.3
(tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeeded
S1(config)#
S1(config)#sh vlan 1
^
% Invalid input detected at '^' marker.
S1(config)#do sh vlan 1
^
% Invalid input detected at '^' marker.
S1(config)#do sh vlan 1
^
% Invalid input detected at '^' marker.
S1(config)#end
S1#
*Mar 1 00:13:32.738: %SYS-5-CONFIG_I: Configured from console by console
S1#sh vlan
*Mar 1 00:13:45.531: %SSH-5-SSH2_USERAUTH: User 'resi' authentication for SSH2
Session from 192.168.1.3 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-
sha1' Failed
*Mar 1 00:13:45.531: %SSH-5-SSH2_CLOSE: SSH2 Session from 192.168.1.3 (tty = 0)
for user 'resi' using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' closed1
^
% Invalid input detected at '^' marker.
S1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)#end
S1#sh
*Mar 1 00:13:59.791: %SYS-5-CONFIG_I: Configured from console by consoleip ssh
SSH Enabled - version 2.0
Authentication timeout: 60 secs; Authentication retries: 5
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded):
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCjargZ/L1LrcFr6FYcnK2EqbSY55QmTIUjSZy2Opqr
AVrxOiftSf6XDXM2hevv0BmVFSD+rFYBkWqlsk1EKwUI7DbQqmFCRx4e5UMylUi0N+wsQXW8wiVJz2m0
CnIFJU8QAf3DKn0o3cczcRC+5RaN1Lc0Ku63b3hw1aBb6Y6qvw==
S1#
*Mar 1 00:15:25.305: %SSH-5-SSH2_SESSION: SSH2 Session request from 192.168.1.3
(tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeeded
*Mar 1 00:16:36.759: %SSH-5-SSH2_USERAUTH: User 'resi' authentication for SSH2
Session from 192.168.1.3 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-
sha1' Failed
*Mar 1 00:16:36.759: %SSH-5-SSH2_CLOSE: SSH2 Session from 192.168.1.3 (tty = 0)
for user 'resi' using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' closed
*Mar 1 00:16:51.540: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1,
changed state to down
*Mar 1 00:16:52.538: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/2, changed state to down
*Mar 1 00:16:53.545: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to
down
*Mar 1 01:18:07.654: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/5, changed state to down
*Mar 1 01:18:09.667: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/5, changed state to up
Switch#
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int vlan 1
Switch(config-if)#ip add 192.168.1.4 255.255.255.0
Switch(config-if)#no sh
Switch(config-if)#ex
*Mar 1 02:05:25.109: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
*Mar 1 02:05:26.116: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1,
changed state to up
Switch(config-if)#exit
Switch(config)#exi
Switch(config)#exit
Switch#sh run
*Mar 1 02:05:37.675: %SYS-5-CONFIG_I: Configured from console by console
Building configuration...
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
Switch#dir
Directory of flash:/
Switch#copy flash:c2960-lanbasek9-mz.122-53.SE2.bin tf
Switch#copy flash:c2960-lanbasek9-mz.122-53.SE2.bin tftp:
Address or name of remote host []? 192.168.1.4
Destination filename [c2960-lanbasek9-mz.122-53.SE2.bin]?
.....
%Error opening tftp://192.168.1.4/c2960-lanbasek9-mz.122-53.SE2.bin (Timed out)
Switch#copy flash:c2960-lanbasek9-mz.122-53.SE2.bin tftp:
Address or name of remote host []? 192.168.1.1
Destination filename [c2960-lanbasek9-mz.122-53.SE2.bin]?
.....
%Error opening tftp://192.168.1.1/c2960-lanbasek9-mz.122-53.SE2.bin (Timed out)
Switch#
Switch#
Switch#copy flash:c2960-lanbasek9-mz.122-53.SE2.bin tftp:
Address or name of remote host []? 192.168.1.3
Destination filename [c2960-lanbasek9-mz.122-53.SE2.bin]?
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
8612781 bytes copied in 25.400 secs (339086 bytes/sec)
Switch#copy tf
Switch#copy tftp:c
Switch#copy tftp:c2960-lanbasek9-mz.150-2.SE11.bin fl
Switch#copy tftp:c2960-lanbasek9-mz.150-2.SE11.bin flash:
Address or name of remote host []? 192.168.1.3
Destination filename [c2960-lanbasek9-mz.150-2.SE11.bin]?
%Warning:There is a file already existing with this name
Do you want to over write? [confirm]
Accessing tftp://192.168.1.3/c2960-lanbasek9-mz.150-2.SE11.bin...
Loading c2960-lanbasek9-mz.150-2.SE11.bin from 192.168.1.3 (via Vlan1): !!!!!!!
Switch(config)#boot system c2960-lanbasek9-mz.150-2.SE11.bin
Switch(config)#exit
Switch>en
Switch#wr
Building configuration...
[OK]
Switch#relo
Switch#reload
Proceed with reload? [confirm]
Switch(config-line)#en
Switch(config-line)#ena
Switch(config-line)#exi
Switch(config-line)#exit
Switch(config)#en
Switch(config)#enable secret mor
Switch(config)#
*Mar 1 00:13:43.073: %SSH-5-SSH2_USERAUTH: User 'mor' authentication for SSH2
Session from 192.168.1.3 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-
sha1' Failed
*Mar 1 00:13:43.073: %SSH-5-SSH2_CLOSE: SSH2 Session from 192.168.1.3 (tty = 0)
for user 'mor' using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' closed
*Mar 1 00:13:50.447: %SSH-5-SSH2_SESSION: SSH2 Session request from 192.168.1.3
(tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeeded
Switch#
*Mar 1 00:14:06.737: %SYS-5-CONFIG_I: Configured from console by consoleconf
terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#line vty 0 15
Switch(config-line)#transport input ssh
*Mar 1 00:14:59.200: %SSH-5-SSH2_USERAUTH: User 'mor' authentication for SSH2
Session from 192.168.1.3 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-
sha1' Failed
*Mar 1 00:14:59.200: %SSH-5-SSH2_CLOSE: SSH2 Session from 192.168.1.3 (tty = 0)
for user 'mor' using crypto cipher 'aes256-cbc', hmapassword mor
Switch#
*Mar 1 00:15:03.855: %SYS-5-CONFIG_I: Configured from console by console
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#cry
Switch(config)#crypto ke
Switch(config)#crypto key gen
Switch(config)#crypto key generate r
Switch(config)#crypto key generate rsa
% Please define a domain-name first.
Switch(config)#ip dom
Switch(config)#ip domain-n
Switch(config)#ip domain-name master.lan
Switch(config)#crypto key generate rsa
The name for the keys will be: Switch.master.lan
Choose the size of the key modulus in the range of 360 to 4096 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
Switch(config)#
*Mar 1 00:16:18.556: %SSH-5-SSH2_SESSION: SSH2 Session request from 192.168.1.3
(tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeededcrypto key
generate rsa
*Mar 1 00:16:31.323: %SSH-5-SSH2_USERAUTH: User 'mor' authentication for SSH2
Session from 192.168.1.3 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-
sha1' Failed
*Mar 1 00:16:31.323: %SSH-5-SSH2_CLOSE: SSH2 Session from 192.168.1.3 (tty = 0)
for user 'mor' using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' closed
% You already have RSA keys defined named Switch.master.lan.
% Do you really want to replace them? [yes/no]: no
Switch(config)#
*Mar 1 00:16:43.722: %SSH-5-SSH2_SESSION: SSH2 Session request from 192.168.1.3
(tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeededno
*Mar 1 00:16:50.860: %SSH-5-SSH2_USERAUTH: User '' authentication for SSH2 Session
from 192.168.1.3 (tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1'
Failed
*Mar 1 00:16:50.860: %SSH-5-SSH2_CLOSE: SSH2 Session from 192.168.1.3 (tty = 0)
for user '' using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' closed
*Mar 1 00:16:59.777: %SSH-5-SSH2_SESSION: SSH2 Session request from 192.168.1.3
(tty = 0) using crypto cipher 'aes256-cbc', hmac 'hmac-sha1' Succeedcrypto key
generate rsa
Switch#conf t
*Mar 1 00:17:11.849: %SYS-5-CONFIG_I: Configured from console by c
Switch#conf terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#ip domain-name master.lan
Switch(config)#crypto key generate rsa
% You already have RSA keys defined named Switch.master.lan.
% Do you really want to replace them? [yes/no]: yes
Choose the size of the key modulus in the range of 360 to 4096 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
Switch(config)#line vty 0 15
Switch(config-line)#tr
Switch(config-line)#transport in
Switch(config-line)#transport input al
Switch(config-line)#transport input all
Switch(config-line)#
*Mar 1 00:22:11.574: %SYS-5-CONFIG_I: Configured from console by vty0
(192.168.1.3)
*Mar 1 00:22:45.631: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/5, changed state to down
*Mar 1 00:22:46.630: %LINK-3-UPDOWN: Interface FastEthernet0/5, changed state to
downSwitch(config)#line vty 0 15
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch(config-line)#en
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch(config-line)#ena
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch(config-line)#exi
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch(config-line)#exit
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch(config)#en
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch(config)#enable secret mor
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch(config)#
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch#
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch(config)#line vty 0 15
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch#
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch#conf t
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch(config)#cry
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch(config)#crypto ke
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch(config)#ip dom
^
% Invalid input detected at '^' marker.
Switch(config-line)#Switch(config)#ip domain-n
^
% Invalid input detected at '^' marker.
Switch(config-line)#
Switch(config-line)#Switch(config)#
^
% Invalid input detected at '^' marker.