HCNA配置ssh远程登陆

1、拓扑图

最终实现通过AR１　来SSH登陆到AR2 上

2、配置AR2为开启SSH服务

Please press enter to start cmd line!
##############
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]int
[Huawei]interface g
[Huawei]interface GigabitEthernet //
[Huawei-GigabitEthernet0//]ip addr
[Huawei-GigabitEthernet0//]ip address 12.1.1.2
[Huawei-GigabitEthernet0//]
Dec    ::-: Huawei %%01IFNET//LINK_STATE(l)[]:The line protocol
 IP on the interface GigabitEthernet0// has entered the UP state.
[Huawei-GigabitEthernet0//]q
[Huawei]stel
[Huawei]stelnet ser
[Huawei]stelnet server en
[Huawei]stelnet server enable
Info: Succeeded in starting the STELNET server.
[Huawei]rsa ?
  local-key-pair   Local RSA public key pair operations
  peer-public-key  Remote peer RSA public key configuration.
[Huawei]rsa loc
[Huawei]rsa local-key-pair ?
  create   Create new local public key pairs
  destroy  Destroy the local public key pairs
[Huawei]rsa local-key-pair cre
[Huawei]rsa local-key-pair create
The key name will be: Host
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y
The range of public key size is ( ~ ).
NOTES: If the key modulus is greater than ,
       It will take a few minutes.
Input the bits in the modulus[default = ]:
Generating keys...
........................++++++
.........++++++
............++++++++
...............++++++++

[Huawei]aaa
[Huawei-aaa]loc
[Huawei-aaa]local-user user-ssh pass
[Huawei-aaa]local-user user-ssh password ci
[Huawei-aaa]local-user user-ssh password cipher huawei
Info: Add a new user.
[Huawei-aaa]loc
[Huawei-aaa]local-user user-ssh pri
[Huawei-aaa]local-user user-ssh privilege level
[Huawei-aaa]local-user user-ssh privilege level
[Huawei-aaa]loc
[Huawei-aaa]local-user user
[Huawei-aaa]local-user user-ssh serv
[Huawei-aaa]local-user user-ssh service-type ssh
[Huawei-aaa]q
[Huawei]user-in
[Huawei]user-interface vty
[Huawei]user-interface vty
[Huawei]user-interface vty
[Huawei]user-interface vty
[Huawei-ui-vty0-]aut
[Huawei-ui-vty0-]authentication-mode aaa
[Huawei-ui-vty0-]pro
[Huawei-ui-vty0-]protocol ?
  inbound  Incoming protocol
[Huawei-ui-vty0-]protocol in
[Huawei-ui-vty0-]protocol inbound ssh
[Huawei-ui-vty0-]q
[Huawei]ssh user
[Huawei]ssh user user
[Huawei]ssh user user-
[Huawei]ssh user user-ssh au
[Huawei]ssh user user-ssh authentication-type ?
  all           All authentication, password or RSA
  password      Password authentication
  password-rsa  Both password and RSA
  rsa           RSA authentication
[Huawei]ssh user user-ssh authentication-type all
 Authentication type setted, and will be in effect next time
[Huawei]sysnan    
[Huawei]sysna    
[Huawei]sysname AR@
[AR@]sysname AR@
[AR@]sysname AR2
[AR2]

3、AR1作为SSH客户端接连AR2测试

Please press enter to start cmd line!
##########################
<Huawei>
Dec    ::-: Huawei %%01IFPDT//IF_STATE(l)[]:Interface GigabitEt
hernet0// has turned into UP state.
<Huawei>

  Please check whether system data has been changed, and save data in time

  Configuration console time out, please press any key to log on

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname AR1
[AR1]int
[AR1]interface g
[AR1]interface GigabitEthernet //
[AR1-GigabitEthernet0//]ip address 12.1.1.1
[AR1-GigabitEthernet0//]
Dec    ::-: AR1 %%01IFNET//LINK_STATE(l)[]:The line protocol IP
 on the interface GigabitEthernet0// has entered the UP state.
[AR1-GigabitEthernet0//]q
[AR1]ping  12.1.1.2
  PING 12.1.1.2:   data bytes, press CTRL_C to break
    Reply from 12.1.1.2: bytes= Sequence= ttl= time= ms
    Reply from 12.1.1.2: bytes= Sequence= ttl= time= ms
    Reply from 12.1.1.2: bytes= Sequence= ttl= time= ms
    Reply from 12.1.1.2: bytes= Sequence= ttl= time= ms
    Reply from 12.1.1.2: bytes= Sequence= ttl= time= ms

  --- 12.1.1.2 ping statistics ---
     packet(s) transmitted
     packet(s) received
    0.00% packet loss
    round-trip min/avg/max = // ms

[AR1]ssh 12.1.1.2
         ^
Error: Unrecognized command found at '^' position.
[AR1]ssh
[AR1]ssh ?
  client  Set SSH client attribute
  server  Specify the server attribute
  user    SSH user
[AR1]ssh ssh
[AR1]ssh clei
[AR1]ssh clien
[AR1]ssh client ?
  STRING<->  Specify SSH server IP address or name
  first-time    Set SSH client attribute of authenticating user for the first
                time access.
[AR1]ssh client fri
[AR1]ssh client fir
[AR1]ssh client first-time
                           ^
Error:Incomplete command found at '^' position.
[AR1]ssh client first-time
                           ^
Error:Incomplete command found at '^' position.
[AR1]ssh client first-time ?
  enable  Enable authentication for first time access.
[AR1]ssh client first-time en
[AR1]ssh client first-time enable
[AR1]ssh
[AR1]ssh ?
  client  Set SSH client attribute
  server  Specify the server attribute
  user    SSH user
[AR1]ste
[AR1]stelnet ?
  STRING<->  IP address or host name of a remote system
  -a             Set the source IP address of SSH packets
  server         Set Stelnet server
[AR1]stelnet 12.1.1.2
Please input the username:user-ssh
Trying 12.1.1.2 ...
Press CTRL+K to abort
Connected to 12.1.1.2 ...
The server is not authenticated. Continue to access it? (y/n)[n]:y
Dec    ::-: AR1 %%01SSH//CONTINUE_KEYEXCHANGE(l)[]:The server h
ad not been authenticated in the process of exchanging keys. When deciding wheth
er to continue, the user chose Y.
[AR1]
Save the server's public key? (y/n)[n]:y
The server's public key will be saved with the name 12.1.1.2. Please wait...

Dec    ::-: AR1 %%01SSH//SAVE_PUBLICKEY(l)[]:When deciding whet
her to save the server's public key 12.1.1.2, the user chose Y.
[AR1]
Enter password:
<AR2>dis ip in
<AR2>dis ip interface bri
<AR2>dis ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is
The number of interface that is DOWN in Physical is
The number of interface that is UP in Protocol is
The number of interface that is DOWN in Protocol is 

Interface                         IP Address/Mask      Physical   Protocol
GigabitEthernet0//              12.1.1.2/          up         up
GigabitEthernet0//              unassigned           down       down
GigabitEthernet0//              unassigned           down       down
NULL0                             unassigned           up         up(s)
<AR2>