SSH protokolini yoqish va sozlash:
Router va PC4 qo'shishingiz kerak, qo'shilgan tarmoq elementlari kommutatorga ulanishi kerak. PC4 bilan routerga konsol kabeli ulangan bo'lishi kerak. Biz PC4-dan faqat SSH-ni sozlash uchun foydalanamiz, marshrutizator va kommutatorning keyingi konfiguratsiyasi administrator kompyuteri (PC3) orqali amalga oshiriladi.
4.8-rasm – PC4-ni routerga konsol kabeli bilan ulash. Oʻzgartirishni sozlash. Keyinchalik, kommutatorda biz routerga ulangan portlarni ko'taramiz:
KompSetiS(config)#int fa0/5 KompSetiS(config-if)#switchport mode trunk KompSetiS(config-if)#exit
Keyinchalik, kompyuter konsoli orqali kirish uchun IP manzilini, router nomini va parolni belgilashingiz kerak. Routerni oching, CLI bo'limiga o'ting va quyidagi sozlamalarni o'rnating:
Router>enable Router#conf t
Router (config)#hostname KompSetiR KompSetiR(config)#enable secret 312 KompSetiR(config)#int gig0/0
KompSeti(config-if)#ip address 192.168.1.11 255.255.255.0 KompSeti(config-if)#no shutdown
KompSeti(config-if)#exit
4.9-rasm – Routerga kirish uchun nom va parolni belgilash.
Keyinchalik, biz PC3-ga kiramiz, konsolni ochamiz, buning uchun siz yuqori yorliqda tanlashingiz kerak Desktop → Terminal → OK
4.10-rasm – Routerdagi sozlamalarning to'g'riligini kompyuter konsolidan tekshiramiz.
Administrator hisobini yarating va parol va imtiyozlar darajasini o'rnating
KompSetiR(config)#username admin privilege 15 password 15
Biz virtual ulanishni ko'taramiz, terminal liniyalari konfiguratsiyasini kiritamiz va masofaviy ulanish turini (SSH) tanlaymiz.
KompSeti(config)#line console 0 KompSeti(config-line)#login local KompSeti(config-line)#end KompSeti#int vlan 1
KompSeti(config)#line vty 0 4 KompSeti(config-line)#transport input telnet KompSeti(config-line)#login local KompSeti(config-line)#end
4.9-rasm – Hisob yarating va masofaviy kirishni o'rnating
SSH protokoli orqali ulanishni o'rnatish uchun siz domen nomini (Router) belgilashingiz, kriptografik kirish kommutatorini yaratishingiz va SSH 2-versiya protokolining o'zini yoqishingiz kerak.
KompSetiM(config)#ip domain-name Router KompSetiM(config)#ip ssh version 2
Please create RSA keys (of at least 768 bits size) to enable SSH v2. KompSetiM(config)#crypto key generate rsa
The name for the keys will be: KompSetiM.Router
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.
How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK] KompSetiM(config)#ip ssh verison 2
*Mar 1 0:47:18.582: %SSH-5-ENABLED: SSH 2 has been enabled
– SSH sozlamalari
Routerga masofadan kirishni ssh protokoli orqali tekshiramiz. Birinchidan, biz Ping buyrug'idan foydalanamiz, keyin biz Telnet protokoli yordamida ulanishga harakat qilamiz, biz muvaffaqiyatsizlikni ko'ramiz, keyin ssh protokoli yordamida ulanishga harakat qilamiz.
C:\>ping 192.168.1.11
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
C:\>telnet 192.168.1.11
Trying 192.168.1.11 ...Open
[Connection to 192.168.1.11 closed by foreign host] C:\>ssh -l admin 192.168.1.11
Password: «вводим пароль» KompSetiR#
– rasm Routerga SSH orqali masofadan kirishni tekshirish
3-laboratoriya oxirida, barcha konsol kabellari olib tashlangan holda, bizda quyidagi IP manzillari va nomlari bilan 1 ta kommutator, 1 router va 4 ta kompyuterni o'z ichiga olgan tarmoq mavjud:
№
|
Наименование
|
IP адрес
|
1
|
Switch (KompSetiS)
|
192.168.1.200
|
1
|
Router (KompSetiR)
|
192.168.1.210
|
1
|
Admin PC
|
192.168.1.2
|
2
|
PC0
|
192.168.1.3
|
3
|
PC1
|
192.168.1.4
|
4
|
PC2
|
192.168.1.5
|
Switch (KompSetiS): Username: admin; Password: 15 Router (KompSetiR): Username: admin; Password: 15
4.12-rasm – Tarmqoni oxirgi natijasi, laboratoriya ishi № 4
Do'stlaringiz bilan baham: |