H3C-MSR3620-SSH及telnet登录配置

<H3C_3620>dis cur
#
version 7.1.049, Release 0106P21
#
sysname H3C_3620
#
telnet server enable开启telnet
#
dhcp enable开启dhcp
dhcp server forbidden-ip 192.168.2.1 192.168.2.100地址池中不dhcp的IP
#
password-recovery enable
#
vlan 1
#
dhcp server ip-pool forinterface2地址池定义
network 192.168.2.0 mask 255.255.255.0
dns-list 202.99.166.4 222.222.222.222
forbidden-ip 192.168.2.1
gateway-list 192.168.2.254
#
controller Cellular0/0
#
controller Cellular0/1
#
interface Aux0
#
interface NULL0
#
interface GigabitEthernet0/0出接口
port link-mode route
combo enable copper
ip address 172.16.11.11 255.255.255.0
nat outbound 2000
#
interface GigabitEthernet0/1
port link-mode route
#
interface GigabitEthernet0/2内网接口,会根据接口IP去匹配dhcp池
port link-mode route
ip address 192.168.2.254 255.255.255.0
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line aux 0
user-role network-admin
#
line vty 0 4用于telnet登录的虚拟用户0-4共计5个用户可同时telnet登录
authentication-mode scheme用户名密码方式
user-role network-operator
protocol inbound telnet
#
line vty 5 8用于ssh登录的虚拟用户5-8共计4个用户可同时ssh登录
authentication-mode scheme用户名密码方式
user-role network-operator
protocol inbound ssh
#
line vty 9 63剩余的vty用户
user-role network-operator
#
ip route-static 0.0.0.0 0 GigabitEthernet0/0 172.16.11.254 description toISP_Gate
#
ssh server enable启用ssh服务
#
acl number 2000
rule 0 permit
#
domain system
#
aaa session-limit ftp 32
aaa session-limit telnet 32
aaa session-limit http 32
aaa session-limit ssh 32
aaa session-limit https 32
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user admin class manage定义用于telnet登录的用户-含本行用户名,下面的密码,服务类型,用户角色(权限)
password hash $h$6$Zh/TGmbnIR9+Q4/m$AXBveH4tPQEF5/kFXwhaQQcUsq//VtFWWOo3MkQyZK2G+PiHXX1Z93tOwX5h6JusEgADg3FwwY2jiHHcSwdyZQ==
service-type ssh telnet
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
local-user admin-ssh class manage定义用于ssh登录的用户名-含本行的用户名,下面与用户名对应的密码,服务类型,权限
password hash $h$6$1rnX3qdTxXMRMa8C$7gMglocF1iiMlathXCnQlS8VM2AM+M0ifDiJ+3yZ+eUpm33BqKMzU0rZjaeQ68705M+FH2jbO/euZRt1SyygLw==
service-type ssh
authorization-attribute user-role level-15
authorization-attribute user-role network-operator
#
return