SSH protokolini yoqish va sozlash:
Router va PC4 qo'shishingiz kerak, qo'shilgan tarmoq elementlari kalitga ulanishi kerak. PC4 bilan routerga konsol kabeli ulangan bo'lishi kerak. Biz PC4-dan faqat SSH-ni sozlash uchun foydalanamiz, marshrutizator va kalitning keyingi konfiguratsiyasi administrator kompyuteri (PC3) orqali amalga oshiriladi.
4.6-rasm – PC4-ni routerga konsol kabeli bilan ulash. Oʻzgartirishni sozlash.
Keyinchalik, kalitda biz routerga ulangan portlarni ko'taramiz:
KompSetiS(config)#int fa0/5
KompSetiS(config-if)#switchport mode trunk
KompSetiS(config-if)#exit
Keyinchalik, kompyuter konsoli orqali kirish uchun IP manzilini, router nomini va parolni belgilashingiz kerak. Routerni oching, CLI bo'limiga o'ting va quyidagi sozlamalarni o'rnating:
Router>enable
Router#conf t
Router (config)#hostname KompSetiR
KompSetiR(config)#enable secret 312
KompSetiR(config)#int gig0/0
KompSeti(config-if)#ip address 192.168.1.11 255.255.255.0
KompSeti(config-if)#no shutdown
KompSeti(config-if)#exit
4.7-rasm – Routerga kirish uchun nom va parolni belgilash.
Keyinchalik, biz PC3-ga kiramiz, konsolni ochamiz, buning uchun siz yuqori yorliqda tanlashingiz kerak Desktop → Terminal → OK
4.8-rasm – Routerdagi sozlamalarning to'g'riligini kompyuter konsolidan tekshiramiz.
Administrator hisobini yarating va parol va imtiyozlar darajasini o'rnating
KompSetiR(config)#username admin privilege 15 password 15
Biz virtual ulanishni ko'taramiz, terminal liniyalari konfiguratsiyasini kiritamiz va masofaviy ulanish turini (SSH) tanlaymiz.
KompSeti(config)#line console 0
KompSeti(config-line)#login local
KompSeti(config-line)#end
KompSeti#int vlan 1
KompSeti(config)#line vty 0 4
KompSeti(config-line)#transport input telnet
KompSeti(config-line)#login local
KompSeti(config-line)#end
4.9-rasm – Hisob yarating va masofaviy kirishni o'rnating
SSH protokoli orqali ulanishni o'rnatish uchun siz domen nomini (Router) belgilashingiz, kriptografik kirish kalitini yaratishingiz va SSH 2-versiya protokolining o'zini yoqishingiz kerak.
KompSetiM(config)#ip domain-name Router
KompSetiM(config)#ip ssh version 2
Please create RSA keys (of at least 768 bits size) to enable SSH v2.
KompSetiM(config)#crypto key generate rsa
The name for the keys will be: KompSetiM.Router
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
KompSetiM(config)#ip ssh verison 2
*Mar 1 0:47:18.582: %SSH-5-ENABLED: SSH 2 has been enabled
4.10 – SSH sozlamalari
Routerga masofadan kirishni ssh protokoli orqali tekshiramiz. Birinchidan, biz Ping buyrug'idan foydalanamiz, keyin biz Telnet protokoli yordamida ulanishga harakat qilamiz, biz muvaffaqiyatsizlikni ko'ramiz, keyin ssh protokoli yordamida ulanishga harakat qilamiz.
C:\>ping 192.168.1.11
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
C:\>telnet 192.168.1.11
Trying 192.168.1.11 ...Open
[Connection to 192.168.1.11 closed by foreign host]
C:\>ssh -l admin 192.168.1.11
Password: «вводим пароль»
KompSetiR#
4.11 – rasm Routerga SSH orqali masofadan kirishni tekshirish
4-laboratoriya oxirida, barcha konsol kabellari olib tashlangan holda, bizda quyidagi IP manzillari va nomlari bilan 1 ta kalit, 1 router va 4 ta kompyuterni o'z ichiga olgan tarmoq mavjud:
№
|
Наименование
|
IP адрес
|
1
|
Switch (KompSetiS)
|
192.168.1.200
|
1
|
Router (KompSetiR)
|
192.168.1.210
|
1
|
Admin PC
|
192.168.1.2
|
2
|
PC0
|
192.168.1.3
|
3
|
PC1
|
192.168.1.4
|
4
|
PC2
|
192.168.1.5
|
Switch (KompSetiS): Username: admin; Password: 15
Router (KompSetiR): Username: admin; Password: 15
4.12-rasm – Tarmqoni oxirgi natijasi, laboratoriya ishi № 4
№ 4 laboratoriya ishi uchun topshiriq:
Admin PC kompyuterdan kommutatorga Telnet ulanishini o'rnating;
Admin PC kompyuteridan SSH routerga SSH ulanishini o‘rnating;
Quyidagi laboratoriyalar uchun tarmoqni tayyorlang.
Nazorat savollari
Telnet protokoli nima uchun zarur?
2. Telnet protokolidan foydalanishning foydasi nimada?
3. Telnet va SSH o'rtasidagi farq nima?
4. Nima uchun Telnet protokolidan foydalanish xavfsizlik uchun xavf hisoblanadi?
5. SSH protokolidan foydalanishning afzalligi nima?
Dostları ilə paylaş: |