2015/08/18

HP2626 switch ssh key 認證與 ssh login 設定

# 設定管理者密碼
configure
password manager user-name admin

# 讓ssh 可以登入,可以接受 key 認證
configure
crypto key generate ssh rsa
ip ssh
ip ssh filetransfer
aaa authentication ssh login public-key none
aaa authentication ssh login local none
aaa authentication ssh enable login none
aaa authentication ssh enable public-key none
show authentication
show ip ssh
no tftp client
ip ssh filetransfer
write memory
exit
exit
exit
y

# 從本地端 copy ssh key 到 switch 上面
mtchang@mt ~/public_html/ks $ scp id_rsa.pub admin@110.111.81.1:/ssh/mgr_keys/authorized_keys
We'd like to keep you up to date about:
  * Software feature updates
  * New product announcements
  * Special events

Please register your products now at:  www.ProCurve.com

admin@110.111.81.1's password:
id_rsa.pub                                                                                           100%  391     0.4KB/s   00:00  
Connection to 110.111.81.1 closed by remote host.

# 從新使用 ssh 登入驗證
hadoop@mt ~/.ssh $ ssh admin@110.111.72.2
The authenticity of host '110.111.72.2 (110.111.72.2)' can't be established.
RSA key fingerprint is 38:ca:24:b0:97:fd:8e:d6:bd:66:28:90:fd:b7:45:d7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '110.111.72.2' (RSA) to the list of known hosts.
We'd like to keep you up to date about:
  * Software feature updates
  * New product announcements
  * Special events

Please register your products now at:  www.ProCurve.com


ProCurve J4900B Switch 2626
Software revision H.10.50



# option: 選項:設定可登入管理的 ip 範圍
ip authorized-managers

configure
ip authorized-managers 110.111.0.0 255.255.0.0

# 設定 ntp 對時
configure
sntp server 110.111.69.1
timesync sntp
sntp unicast
show running-config
write memory
exit
exit
exit
y


沒有留言: