Title: How to configure SSH management for Ruijie Switches in CLI? [Print this page] Author: linyonghang1@ru Time: 2023-8-15 10:52 Title: How to configure SSH management for Ruijie Switches in CLI? 1. Application Scenario & Requirement:
Enabling SSH on the switch allows a host to remotely access the CLI for device management.
2. Network Topology:
3. Configuration Key Points:
a. Enable SSH service.
b. Generate cryptographic key
c. Configure a management IP address for the device. If the PC and the switch are not in the same network segment, you need to configure a default gateway for the switch.
4. Configuration Steps:
a. Enable SSH service on the switch:
Ruijie#configure terminal
Ruijie(config)#enable service ssh-server
b. Generate cryptographic key:
Ruijie(config)#crypto key generate dsa
Choose the size of the key modulus in the range of 360 to 2048 for your Signature Keys. Choosing a key modulus greater than 512 may take a few minutes.
How many bits in the modulus [512]: ------> may press 'Enter' directly
% Generating 512 bit DSA keys ...[ok]
c. Configure the management IP address and SSH login credentials:
Option 1. Using password only when accessing switch CLI through SSH:
Ruijie(config)#line vty 0 4 ------> enter vty configuration mode, 0 4 means that a total of 5 users are allowed to log in to the switch through telnet at the same time
Ruijie(config-line)#login ------> enable password protection of the line
Ruijie(config-line)#password ruijie ------> set SSH password as 'ruijie'
Ruijie(config-line)#exit
Ruijie(config)#enable password ruijie ------> set the password to enter privilege mode as 'ruijie'
Ruijie(config)#end
Ruijie#write
Option 2. Using username and password when accessing switch CLI through SSH:
Ruijie(config)#line vty 0 4
Ruijie(config-line)#login local ------> Use local password and password for Telnet connection
Ruijie(config-line)#exit
Ruijie(config)#username admin password ruijie ------> configure the remote management username as 'admin' and password as 'ruijie'
Ruijie(config)#enable password ruijie
Ruijie(config)#end
Ruijie#write
Note: By default, both SSH and Telnet will be enabled. If you need to limit users to remotely access the device CLI through SSH only, and Telnet connection is restricted, the configuration should be as follows:
Ruijie(config)#line vty 0 4
Ruijie(config-line)#transport input ssh
5. Verification:
a. Use SecureCRT or PuTTY to access the device CLI remotely via SSH:
b. Enter the correct username and password when prompted; once successful, the user mode CLI will show up and you may type 'enable' to enter privileged mode:
c. Type 'show service' to check if SSH has been enabled:
d. Type 'show ssh' to view the SSH connection:
e. Type 'show users' to view the users currently accessing the CLI:
In the example above, there is 1 console connection and 1 SSH connection accessing the switch CLI from IP address 192.168.1.2
Welcome to Ruijie Community (https://community.ruijienetworks.com/)
