Enabling SSH on an H3C Switch

  1. Enable SSH and create the keys
[SW1]ssh server enable // enable the SSH service
[SW1]public-key local create rsa // create an RSA key pair
[SW1]public-key local create dsa // create a DSA key pair
  2. Create a user
[SW1]local-user admin // create the user admin
[SW1-luser-manage-admin]password simple admin@123 // set the password to admin@123
[SW1-luser-manage-admin]authorization-attribute user-role network-admin // set the user role to network-admin (administrator level)
[SW1-luser-manage-admin]service-type ssh // allow this user to log in over SSH
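  3. Configure VTY and interface authentication
[SW1]user-interface vty 0 4 // configure VTY lines 0-4
[SW1-line-vty0-4]authentication-mode scheme // set the authentication mode to scheme
[SW1-line-vty0-4]protocol inbound ssh // set the inbound login protocol to SSH
[SW1-line-vty0-4]quit // exit the line configuration
[SW1]save // save the configuration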

Troubleshooting

Login error:

  1. Unable to negotiate with 10.0.0.15 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

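Solution: the switch offers only SHA-1 key exchange methods, which the client does not enable by default. Re-enable one of the offered methods for this connection:

ssh -o KexAlgorithms=+diffie-hellman-group-exchange-sha1 [email protected]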
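
The same fix can be limited to the one switch in `~/.ssh/config`, so the legacy method is not enabled for any other host. The script below is an added example, not part of the original page: it reads the error line quoted above and prints a `Host` block for it. The function names and the preference order are assumptions made for this example.

```shell
#!/bin/sh
# Added example; function names and preference order are assumptions, not from the page.

# Order in which to try the legacy methods: the one the page uses first,
# the 1024-bit group1 method last.
KEX_PREFERENCE="diffie-hellman-group-exchange-sha1 diffie-hellman-group14-sha1 diffie-hellman-group1-sha1"

# Print the peer address from an "Unable to negotiate with ..." line.
peer_of() {
    printf '%s\n' "$1" | sed -n 's/^Unable to negotiate with \([^ ]*\) port .*/\1/p'
}

# Print the comma-separated methods that follow "Their offer: ".
offer_of() {
    printf '%s\n' "$1" | sed -n 's/.*Their offer: *//p'
}

# Print the first preferred method that the peer actually offers (status 1 if none).
pick_kex() {
    for want in $KEX_PREFERENCE; do
        case ",$1," in
            *",$want,"*) printf '%s\n' "$want"; return 0 ;;
        esac
    done
    return 1
}

# Print an ssh_config Host block that applies only to the failing peer.
host_block() {
    peer=$(peer_of "$1")
    [ -n "$peer" ] || return 1
    kex=$(pick_kex "$(offer_of "$1")") || return 1
    printf 'Host %s\n    KexAlgorithms +%s\n' "$peer" "$kex"
}

# Sample input: the error line quoted on this page.
SAMPLE='Unable to negotiate with 10.0.0.15 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1'

host_block "$SAMPLE"
```

Append the printed block to `~/.ssh/config`; after that a plain `ssh` to the switch negotiates the legacy method for that host only.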