|
1. Application Scenario & Requirement: Enabling SSH on the switch allows a host to remotely access the CLI for device management. 2. Network Topology:  3. Configuration Key Points: a. Enable SSH service. b. Generate cryptographic key c. Configure a management IP address for the device. If the PC and the switch are not in the same network segment, you need to configure a default gateway for the switch. 4. Configuration Steps: a. Enable SSH service on the switch: Ruijie#configure terminal Ruijie(config)#enable service ssh-server b. Generate cryptographic key: Ruijie(config)#crypto key generate dsa Choose the size of the key modulus in the range of 360 to 2048 for your Signature Keys. Choosing a key modulus greater than 512 may take a few minutes. How many bits in the modulus [512]: ------> may press 'Enter' directly % Generating 512 bit DSA keys ...[ok] c. Configure the management IP address and SSH login credentials: Ruijie(config)#interface vlan 1 Ruijie(config-if)#ip address 192.168.1.1 255.255.255.0 Option 1. Using password only when accessing switch CLI through SSH: Ruijie(config)#line vty 0 4 ------> enter vty configuration mode, 0 4 means that a total of 5 users are allowed to log in to the switch through telnet at the same time Ruijie(config-line)#login ------> enable password protection of the line Ruijie(config-line)#password ruijie ------> set SSH password as 'ruijie' Ruijie(config-line)#exit Ruijie(config)#enable password ruijie ------> set the password to enter privilege mode as 'ruijie' Ruijie(config)#end Ruijie#write Option 2. Using username and password when accessing switch CLI through SSH: Ruijie(config)#line vty 0 4 Ruijie(config-line)#login local ------> Use local password and password for Telnet connection Ruijie(config-line)#exit Ruijie(config)#username admin password ruijie ------> configure the remote management username as 'admin' and password as 'ruijie' Ruijie(config)#enable password ruijie Ruijie(config)#end Ruijie#write Note: By default, both SSH and Telnet will be enabled. If you need to limit users to remotely access the device CLI through SSH only, and Telnet connection is restricted, the configuration should be as follows: Ruijie(config)#line vty 0 4 Ruijie(config-line)#transport input ssh 5. Verification: a. Use SecureCRT or PuTTY to access the device CLI remotely via SSH:  b. Enter the correct username and password when prompted; once successful, the user mode CLI will show up and you may type 'enable' to enter privileged mode:  c. Type 'show service' to check if SSH has been enabled:  d. Type 'show ssh' to view the SSH connection:  e. Type 'show users' to view the users currently accessing the CLI:  In the example above, there is 1 console connection and 1 SSH connection accessing the switch CLI from IP address 192.168.1.2 |
This site contains user submitted content, comments and opinions and is for informational purposes only. Ruijie may provide or recommend responses as a possible solution based on the information provided; every potential issue may involve several factors not detailed in the conversations captured in an electronic forum and Ruijie can therefore provide no guarantee as to the efficacy of any proposed solutions on the community forums. Ruijie disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Ruijie Community Terms of Use.
More ways to get help: Visit Support Videos, call us via Service Hotline, Facebook or Live Chat.
©2000-2023 Ruijie Networks Co,Ltd
Level 1
