交换机配置telnet
启用stelnet:
protocol inbound ssh
aaa
local-user admin servce-type ssh
stelnet server enable
rsa local-key-pair create //产生rsa,最好密钥长度1024
dis rsa local-key-pair public
ssh user admin authentication-type password
客户端第1次连
ssh client first-time enable
------------------------------------------
配置telnet:
user-interface vty 0 4
authentication-mode scheme
quit
local-user admin123
password simple FTXH
service-type telnet ssh level 3
qu
------------------------------------------
aaa方式
user-interface vty 0 4
authentication-mode aaa
q
aaa
local-user admin123 password cipher FTXHH3C
local-user admin123 service-type telnet或ssh
user-interface vty 0 4
protocol inbound all
authentication-mode aaa
quit
aaa
local-user admin123 password irreversible-cipher FTFJ61571
local-user admin privilege level 15
local-user admin123 service-type telnet ssh terminal
ssh user admin
ssh user admin authentication-type password
ssh user admin service-type stelent
------------------------------------------
password方式
user-interface vty 0 4
protocol inbound all
authentication-mode password
set authentication password cipher FTXHH3C
user privilege level 15
shell //启用VTY终端服务
有时命令显示为
set authentication password hash sfsjwgwlggwlkksdjs##%#5
可用
set authentication password simple FTFJ61571 来修改密码。
------------------------------------------
S5700
aaa ///进入AAA模式
local-user admin password irreversible-cipher admin@123 ///设置本地用户名和密码 cipher加密
local-user admin service-type ssh telnet ///设置用户设置登录ssh telnet服务
display ssh server status ///查看ssh服务是否生效
display telnet server status ///查看telnet服务是否生效
local-user admin privilege level 15 ///设置用户级别
q
user-interface vty 0 4
protocol inbound all ///为虚拟用户终端配置使用的协议,all即都支持
在V200R020C之后的版本,以上命令配置完,还需要配置一条,
telnet server-source all-interface ,放行所有接口访问交换机
telnet server port port-number //Telnet服务器的协议端口号,默认23,修改端口可以防止攻击
------------------------------------------
http server enable
telnet server-source -i Vlanif 1000
aaa
local-user admin service-type http
------------------------------------------
开启telnet
telnet server enable
telnet server-source -i Vlanif 1000
------------------------------------------
用line
line vty 0 4
user-role level-15
user-role network-operator
set authentication password hash $h$6$Zrire6GGw9HedcYD$TsCyi7UOuQIv4WsYHqAMaDZp9cIKrKiNzEYcjLj0SZyt1oocAEGhOY1hNtItjvOs4OGzod5dj3D4gUIdF8XFSw==
配置时需用,显示时是hash
set authentication password simple xxxx
------------------------------------------
使用web登录,telnet无法配置
COM口进入后,命令行设置IP
ipsetup ip-address 68.66.x.x 24 default-gateway 68.66.0.1
即可,配置后无需密码web登录设置密码