VRP基础命令,telnet,ssh

root
233
文章
0
评论
2020年11月6日10:36:10 评论 7884字阅读26分16秒

VRP基础命令

"<>"用户视图模式下

1.查看显示的时间(管理模式下也可以)

[R1]dis clock 
2020-11-04 12:25:55
Wednesday
Time Zone(China-Standard-Time) : UTC-08:00

 

2.修改时区

<R1>clock timezone beijin add 10:00:00           
<R1>dis clock
2020-11-03 18:28:51
Tuesday
Time Zone(beijin) : UTC+10:00

1、设置时区为北京:
<Huawei>clock timezone bj add 08:00              #增加偏移8个时区,用户视图下配置

<R2>dis clock
2020-10-01 10:02:39
Thursday
Time Zone(China-Standard-Time) : UTC-08:00
<R2>clock timezone beijin add 8:00:00

<R2>dis clock 
2020-09-30 18:03:43
Wednesday
Time Zone(beijin) : UTC+08:00

 

3.修改系统时间

<R2>dis clock
2020-11-04 12:32:19
Wednesday
Time Zone(China-Standard-Time) : UTC-08:00
<R2>clock datetime 10:00:00 2020-10-01

<R2>dis clock 
2020-10-01 10:00:04
Thursday
Time Zone(China-Standard-Time) : UTC-08:00

 

 

4.重启网络设备

<R1>reboot                       
Info: The system is comparing the configuration, please wait.
Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]:y

 

5.保存配置

save

"[]"系统模式下

1.进入指定端口

[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]

 

2.查看设备的所有接口

[R2]dis int brief
PHY: Physical
*down: administratively down
(l): loopback
(s): spoofing
(b): BFD down
^down: standby
(e): ETHOAM down
(d): Dampening Suppressed
InUti/OutUti: input utility/output utility
Interface                   PHY   Protocol InUti OutUti   inErrors  outErrors
Ethernet0/0/0               down  down        0%     0%          0          0
Ethernet0/0/1               down  down        0%     0%          0          0
Ethernet0/0/2               down  down        0%     0%          0          0
Ethernet0/0/3               down  down        0%     0%          0          0
Ethernet0/0/4               down  down        0%     0%          0          0
Ethernet0/0/5               down  down        0%     0%          0          0
Ethernet0/0/6               down  down        0%     0%          0          0
Ethernet0/0/7               down  down        0%     0%          0          0
GigabitEthernet0/0/0        up    down        0%     0%          0          0
GigabitEthernet0/0/1        down  down        0%     0%          0          0
NULL0                       up    up(s)       0%     0%          0          0

 

3.打开接口

[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]undo shutdown 
Info: Interface GigabitEthernet0/0/0 is not shutdown.

 

4.IP地址配置错误处理方法

删除 undo,在原来配置的基础上加undo,有时候undo删不掉,它会提示,把后面的东西去掉就可以了

[R2-GigabitEthernet0/0/0]ip add 192.168.1.2 24

[R2-GigabitEthernet0/0/0]dis this
[V200R003C00]
#
interface GigabitEthernet0/0/0
 ip address 192.168.1.2 255.255.255.0 
#
return

[R2-GigabitEthernet0/0/0]undo ip add 192.168.1.2 24
Sep 30 2020 18:27:15+08:00 R2 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP on the interface GigabitEthernet0/0/0 has entered the DOWN state. 

[R2-GigabitEthernet0/0/0]dis this                  
[V200R003C00]
#
interface GigabitEthernet0/0/0
#
return

 

5.配置标题的消息

[R2]header shell information "baba"
[R2]q
<R2>q

  Configuration console exit, please press any key to log on

baba

 

6.查看当前设备设置的内容

[R2]dis curr
[V200R003C00]
#
 sysname R2
 header shell information "baba"
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone beijin add 08:00:00
#
portal local-server load portalpage.zip
#
 drop illegal-mac alarm
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#                                         
firewall zone Local                       
 priority 15                              
#                                         
interface Ethernet0/0/0                   
#                                         
interface Ethernet0/0/1                   
#                                         
interface Ethernet0/0/2                   
#                                         
interface Ethernet0/0/3                   
#                                         
interface Ethernet0/0/4                   
#                                         
interface Ethernet0/0/5                   
#                                         
interface Ethernet0/0/6                   
#                                         
interface Ethernet0/0/7                   
#                                         
interface GigabitEthernet0/0/0            
#                                         
interface GigabitEthernet0/0/1            
#                                         
interface NULL0                           
#                                         
user-interface con 0                      
 authentication-mode password             
user-interface vty 0 4                    
user-interface vty 16 20                  
#                                         
wlan ac                                   
#                                         
return

 

7.查看使用过的命令【默认保存记录10条】

[R2]dis history-command 
  dis curr
  sys

修改默认的命令使用历史记录

 

8.清除接口配置命令

[SW3]clear configuration interface g0/0/2
Warning: All configurations of the interface will be cleared, and its state will be shutdown. Continue? [Y/N] :y

 

查询交换机的mac地址

[sw1]dis bridge mac-address 
System bridge MAC address: 4c1f-cc29-383c

 

 

“[]”模式下用户配置界面

console的号码是0

1.通过直接对console口配密码的方式

1.1怎么进入console

[R2]user-interface con 0
[R2-ui-console0]

 

1.2设置console的密码

[R2-ui-console0]authentication-mode password
Please configure the login password (maximum length 16):123
[R2]q
<R2>q

  Configuration console exit, please press any key to log on


Login authentication


Password:
Password:
baba
<R2>

 

2.通过AAA认证的方式配置console口

2.1怎么进入console

[R2]user-interface con 0
[R2-ui-console0]

 

2.2使用AAA的方式进行认证

[R2]user-int con 0
[R2-ui-console0]auth
[R2-ui-console0]authentication-mode aaa
[R2-ui-console0]aaa
[R2-aaa]

 

2.3配置用户名和密码

[R2-aaa]local-user 123 password cipher 123
Info: Add a new user.
[R2]q
<R2>q

  Configuration console exit, please press any key to log on


Login authentication


Username:123
Password:
baba
<R2>

 

3.设置用户登录空闲时间

正常是要设置超时时间的

[R2]user-int con 0
[R2-ui-console0]id
[R2-ui-console0]idle-timeout 0

设备安全访问-telnet【明文密码,不加密】

前提条件,两个设备要有联系性

要在用户视图模式下使用telnet命令

使用直连的方式配置 telnet

1.1打开telnet

这里的0 4 代表连接上来的人数,一共5个人,比如一个人就是user-int vty 0

[R1]user-int vty 0 4 
[R1-ui-vty0-4]

1.2设置直接连接的密码

[R1-ui-vty0-4]authentication-mode password 
Please configure the login password (maximum length 16):123

1.3使用另一台设备进行远程连接

<R1>q

  Configuration console exit, please retry to log on

  The connection was closed by the remote host
<R2>telnet 192.168.1.1
  Press CTRL_] to quit telnet mode
  Trying 192.168.1.1 ...
  Connected to 192.168.1.1 ...

Login authentication


Password:
<R1>

 

使用aaa认证的方式配置telnet

2.1打开telnet

[R2]user-int vty 0 4

2.2设置aaa连接的密码和用户

[R2-ui-vty0-4]authentication-mode aaa
[R2-ui-vty0-4]aaa
[R2-aaa]local-user 123 password cipher 123
Info: Add a new user.

2.3使用另一个设备进行测试

<R1>telnet 192.168.1.2
  Press CTRL_] to quit telnet mode
  Trying 192.168.1.2 ...
  Connected to 192.168.1.2 ...

Login authentication


Username:123
Password:
<R2>

 

但是我们会发现,我们什么都操作不了,因为没有权限,华为一共有15个权限

<R1>sys
    ^
Error: Unrecognized command found at '^' position.

0-1权限都进入不了用户管理模式

2权限是无法使用user-inst

修改级别【比如把vty0 4的用户权限修改为3】

[R2-ui-vty0-4]user privilege level 3
<R1>telnet 192.168.1.2
  Press CTRL_] to quit telnet mode
  Trying 192.168.1.2 ...
  Connected to 192.168.1.2 ...

Login authentication


Username:123
Password:
  -----------------------------------------------------------------------------     
  User last login information:     
  -----------------------------------------------------------------------------
  Access Type: Telnet      
  IP-Address : 192.168.1.1     
  Time       : 2020-11-05 10:23:15-08:00     
  -----------------------------------------------------------------------------
<R2>sys 
Enter system view, return user view with Ctrl+Z.
[R2]

创建本地用户并修改认证权限

[R1]user-int vty 0 4
[R1-ui-vty0-4]authentication-mode aaa
[R1-ui-vty0-4]aaa
[R1-aaa]local-user 21 password cipher 21 privilege level 3
Info: Add a new user.

另一台进行测试权限

<R2>telnet 192.168.1.1
  Press CTRL_] to quit telnet mode
  Trying 192.168.1.1 ...
  Connected to 192.168.1.1 ...

Login authentication


Username:21
Password:
<R1>sys
Enter system view, return user view with Ctrl+Z.
[R1]

 

修改已用用户的权限

[R2-aaa]local-user 123 privilege level 4

 

如果配置的用户无法使用telnet连接

配置本地用户xxx的接入类型为telnet

[R2-aaa]local-user 123 service-type telnet

[R2-aaa]dis this 
[V200R003C00]
#
aaa 
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default 
domain default_admin 
local-user 123 password cipher %$%$La|65ufDo"k<@_4M~ug7[Utk%$%$
local-user 123 privilege level 4
local-user 123 service-type telnet
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
return

 

SSH连接的方式

1.1开启ssh认证

[R1]stelnet server enable 
Info: Succeeded in starting the STELNET server.

1.2配置vty用户只支持ssh协议

[R1-ui-vty0-4]protocol inbound  ssh

1.3配置认证用户和密码,级别

[R1-ui-vty0-4]authentication-mode aaa
[R1-ui-vty0-4]aaa
[R1-aaa]local-user kk password cipher 1 privilege level 3
Info: Add a new user.

1.4配置用户属于哪个协议

[R1-aaa]local-user kk service-type ssh
[R1-aaa]dis this
[V200R003C00]
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user 21 password cipher %$%$xKcOAG|)v:bFqH#RwaaV[f29%$%$
 local-user 21 privilege level 3
 local-user kk password cipher %$%$tSD(@fO$j/j2lk3Cwq#$]CmQ%$%$
 local-user kk privilege level 3
 local-user kk service-type ssh

1.5服务端R1创建秘钥对

[R1]rsa local-key-pair create 
The key name will be: Host
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
       It will take a few minutes.
Input the bits in the modulus[default = 512]:
Generating keys...
.....++++++++++++
.......++++++++++++
..............................++++++++
....................++++++++

[R1]

1.6客户端下载公钥

[R2]ssh client first-time enable

 

1.7,R2使用ssh协议连接R1

[R2]stelnet 192.168.1.1
Please input the username:kk
Trying 192.168.1.1 ...
Press CTRL+K to abort
Connected to 192.168.1.1 ...
Enter password:
  -----------------------------------------------------------------------------     
  User last login information:     
  -----------------------------------------------------------------------------
  Access Type: SSH      
  IP-Address : 192.168.1.2 ssh     
  Time       : 2020-11-05 16:22:50-08:00     
  -----------------------------------------------------------------------------
<R1>

 

 

 

继续阅读
weinxin
我的微信
这是我的微信扫一扫
  • 文本由 发表于 2020年11月6日10:36:10
  • 除非特殊声明,本站文章均为原创,转载请务必保留本文链接
文件系统基础 VRP

文件系统基础

文件系统基础 华为网络设备的 配置文件和VRP系统文件都保存在物理存储介质中,所以文件系统是VRP正常运行的基础,只有掌握了对文件系统的基础操作,网络工程师才会对设备文件和VRP系统进行高效的管理 基...
匿名

发表评论

匿名网友 填写信息

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: