Skip to main content
Cluster and storage switches
简体中文版经机器翻译而成,仅供参考。如与英语版出现任何冲突,应以英语版为准。

在 BES-53248 集群交换机上启用 SSH

贡献者

如果您使用集群交换机运行状况监控器(Cluster Switch Health Monitor、CSHM)和日志收集功能、则必须生成SSH密钥、然后在集群交换机上启用SSH。

步骤

  1. 验证SSH是否已禁用:

    show ip ssh

    显示示例 
    (switch)# show ip ssh

SSH Configuration

Administrative Mode: .......................... Disabled
SSH Port: ..................................... 22
Protocol Level: ............................... Version 2
SSH Sessions Currently Active: ................ 0
Max SSH Sessions Allowed: ..................... 5
SSH Timeout (mins): ........................... 5
Keys Present: ................................. DSA(1024) RSA(1024) ECDSA(521)
Key Generation In Progress: ................... None
SSH Public Key Authentication Mode: ........... Disabled
SCP server Administrative Mode: ............... Disabled

  2. 生成 SSH 密钥:

    crypto key generate

    显示示例 
    (switch)# config

(switch) (Config)# crypto key generate rsa

Do you want to overwrite the existing RSA keys? (y/n): y


(switch) (Config)# crypto key generate dsa

Do you want to overwrite the existing DSA keys? (y/n): y


(switch) (Config)# crypto key generate ecdsa 521

Do you want to overwrite the existing ECDSA keys? (y/n): y

(switch) (Config)# aaa authorization commands "noCmdAuthList" none
(switch) (Config)# exit
(switch)# ip ssh server enable
(switch)# ip scp server enable
(switch)# ip ssh pubkey-auth
(switch)# write mem

This operation may take a few minutes.
Management interfaces will not be available during this time.
Are you sure you want to save? (y/n) y

Config file 'startup-config' created successfully.

Configuration Saved!
    警告 请确保在修改密钥之前禁用SSH、否则交换机上会报告警告。

  3. 重新启动交换机:

    re负载

  4. 验证是否已启用 SSH :

    show ip ssh

    显示示例 
    (switch)# show ip ssh

SSH Configuration

Administrative Mode: .......................... Enabled
SSH Port: ..................................... 22
Protocol Level: ............................... Version 2
SSH Sessions Currently Active: ................ 0
Max SSH Sessions Allowed: ..................... 5
SSH Timeout (mins): ........................... 5
Keys Present: ................................. DSA(1024) RSA(1024) ECDSA(521)
Key Generation In Progress: ................... None
SSH Public Key Authentication Mode: ........... Enabled
SCP server Administrative Mode: ............... Enabled
下一步是什么?

"启用日志收集"