HUAWEI on HiDahttps://www.0niu.cn/tags/huawei/Recent content in HUAWEI on HiDaHugo -- gohugo.iozhTue, 23 Jul 2024 10:43:24 +0800HUAWEI交换机用ssh key认证登录https://www.0niu.cn/posts/huawei-ssh-key-auth/Tue, 23 Jul 2024 10:43:24 +0800https://www.0niu.cn/posts/huawei-ssh-key-auth/<p>华为交换机配置ssh key认证</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#75715e"># 本地生成密钥对</span> </span></span><span style="display:flex;"><span>ssh-keygen -t ecdsa -f huaweikey </span></span></code></pre></div><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span>sys </span></span><span style="display:flex;"><span># 配置密钥对 </span></span><span style="display:flex;"><span>ecc peer-public-key demo encoding-type openssh </span></span><span style="display:flex;"><span>public-key-code begin </span></span><span style="display:flex;"><span>ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIb+qZ2O6fdr2AEd+Zq/Xf3tnCfpJk33NGFVAog= demo </span></span><span style="display:flex;"><span>public-key-code end </span></span><span style="display:flex;"><span>peer-public-key end </span></span><span style="display:flex;"><span># 创建本地用户 </span></span><span style="display:flex;"><span>aaa </span></span><span style="display:flex;"><span>local-user demo service-type ssh </span></span><span style="display:flex;"><span>quit </span></span><span style="display:flex;"><span># 创建同名ssh用户 </span></span><span style="display:flex;"><span>ssh user demo assign ecc-key demo </span></span><span style="display:flex;"><span>ssh user demo authentication-type ecc </span></span><span style="display:flex;"><span>ssh user demo service-type stelnet </span></span><span style="display:flex;"><span># 配置用户权限 </span></span><span style="display:flex;"><span>user-interface vty 0 4 </span></span><span style="display:flex;"><span>user privilege level 15 </span></span></code></pre></div><p>华为交换机配置ssh key认证</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#75715e"># 本地生成密钥对</span> </span></span><span style="display:flex;"><span>ssh-keygen -t ecdsa -f huaweikey </span></span></code></pre></div><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span>sys </span></span><span style="display:flex;"><span># 配置密钥对 </span></span><span style="display:flex;"><span>ecc peer-public-key demo encoding-type openssh </span></span><span style="display:flex;"><span>public-key-code begin </span></span><span style="display:flex;"><span>ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIb+qZ2O6fdr2AEd+Zq/Xf3tnCfpJk33NGFVAog= demo </span></span><span style="display:flex;"><span>public-key-code end </span></span><span style="display:flex;"><span>peer-public-key end </span></span><span style="display:flex;"><span># 创建本地用户 </span></span><span style="display:flex;"><span>aaa </span></span><span style="display:flex;"><span>local-user demo service-type ssh </span></span><span style="display:flex;"><span>quit </span></span><span style="display:flex;"><span># 创建同名ssh用户 </span></span><span style="display:flex;"><span>ssh user demo assign ecc-key demo </span></span><span style="display:flex;"><span>ssh user demo authentication-type ecc </span></span><span style="display:flex;"><span>ssh user demo service-type stelnet </span></span><span style="display:flex;"><span># 配置用户权限 </span></span><span style="display:flex;"><span>user-interface vty 0 4 </span></span><span style="display:flex;"><span>user privilege level 15 </span></span></code></pre></div>