為了能讓cisco交換的遠端連接配接對于賬号密碼的安全性有所提高,可以用ssh方式連接配接終端,但是很多出廠的交換機預設的ios是不支援ssh這個功能的,為了能讓cisco交換機支援ssh,必須更新帶“K9”的IOS.下面是出廠cisco 3750G-24TS預設ios的截圖
<a href="http://blog.51cto.com/attachment/201003/001755419.jpg" target="_blank"></a>
3750交換機支援SSH需要12.1(11)EA1以上版本軟體。
emi是增強型多層鏡像,也就是對路由協定的支援更全;而smi是标準多層鏡像。
特性集共有三種:IP BASE、IP Services和Advanced IP Services。
IP BASE:支援第2層轉發和基本的第3層路由,包括EIGRP stub模式。
IP Services:包括IP BASE特性集,支援進階第3層路由,如OSPF群組播路由。
Advanced IP Services:包括IP Services,支援IPv6功能。
<b>解決方案步驟:</b><b> </b>
<b>1. </b><b>從</b><b>cisco</b><b>官網下載下傳</b><b>ios</b>
<b>2. </b><b>更新</b><b>ios</b>
<b>3. </b><b>配置交換機支援</b><b>ssh</b>
<b>從cisco官網下載下傳ios</b>
打開cisco官網
<a href="http://www.cisco.com/"><b>http://www.cisco.com<b>找到</b><b>products&services </b><b>點選選擇</b><b>cisco ios and nc-os software</b></b></a>
也可以直接打開以下連結:
http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=282504484
會跳出登入界面
未注冊的使用者根據注冊資訊填寫就行,但有一點就是郵箱一定要填寫正确,因為注冊後會發一份郵件到您的郵箱去激活才可以使用
<a href="http://blog.51cto.com/attachment/201003/002453696.jpg" target="_blank"></a>
接下來登入進去,選擇字尾帶SE版本就會自動連結其他頁面去了
<a href="http://blog.51cto.com/attachment/201003/002557259.jpg" target="_blank"></a>
跳轉下一個頁面如下,選擇要找交換機型号
<a href="http://blog.51cto.com/attachment/201003/002635849.jpg" target="_blank"></a>
跳轉下一個頁面如下,點解下載下傳軟體
<a href="http://blog.51cto.com/attachment/201003/002709126.jpg" target="_blank"></a>
跳轉下一個頁面如下,選擇最新版本下載下傳。但根據經驗的話,最好選擇最新版本後退一兩個版本。這裡我們選擇最新IOS版本,并下載下傳帶“K9”字元的ios
<b>……………………………………………………省略</b>
<a href="http://blog.51cto.com/attachment/201003/002741953.jpg" target="_blank"></a>
跳轉下一個頁面如下
<a href="http://blog.51cto.com/attachment/201003/002812721.jpg" target="_blank"></a>
<a href="http://blog.51cto.com/attachment/201003/002933574.jpg" target="_blank"></a>
這樣c3750-ipbasek9-mz.122-53.SE3.bin就下載下傳來。後來發現!由于在應用中, cisco 3750G需支援其他一些路由協定。是以我這裡就以c3750-ipservicesk9-mz.122-50.SE3.bin為更新版本IOS
提供一個非官網下載下傳連結:
<a target="_blank" href="ftp://87.241.226.154/3750/c3750-ipservicesk9-mz.122-50.SE3.bin">ftp://87.241.226.154/3750/c3750-ipservicesk9-mz.122-50.SE3.bin</a>
11.6 MB大小
CISCO Server TFTP 下載下傳位址:
<a target="_blank" href="ftp://87.241.226.154/3750/c3750-ipservicesk9-mz.122-50.SE3.bin">http://www.skycn.com/soft/18565.html#downUrlMap</a>
這裡以CISCO Server TFTP更新方式,如下圖
拷貝c3750-ipservicesk9-mz.122-50.SE3.bin
到TFTP目錄下面
<a href="http://blog.51cto.com/attachment/201003/003124658.jpg" target="_blank"></a>
<b>更新ios</b>
3750G(config)#interface vlan 1
3750G(config-if)#ip add
3750G(config-if)#ip address 192.168.100.2 255.255.255.0
3750G(config-if)#end
3750G#ping 192.168.100.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
3750G#dir
Directory of flash:/
3 -rwx 1754 Feb 5 2010 16:40:45 +00:00 config.text
4 -rwx 5 Feb 5 2010 16:40:45 +00:00 private-config.text
7 drwx 192 Mar 1 1993 00:07:31 +00:00 c3750-ipbase-mz.122-35.SE5
32514048 bytes total (22883840 bytes free)
3750G#delete/force(不再詢問确認) /recursive(删除目錄下的子目錄和檔案) c3750-ipbase-mz.122-35.SE5
3750G#copy tftp flash (從tftp下載下傳ios)
Address or name of remote host 192.168.100.1 輸入tftp位址
Source filename c3750-ipservicesk9-mz.122-50.SE3.bin ios名稱
Destination filename [c3750-ipservicesk9-mz.122-50.SE3.bin]回車
Accessing tftp://192.168.100.1/c3750-ipservicesk9-mz.122-50.SE3.bin...
Loading c3750-ipservicesk9-mz.122-50.SE3.bin from 192.168.100.1 (via Vlan1):
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 12239852 bytes]
3750G#conf t
Enter configuration commands, one per line. End with CNTL/Z.
3750G(config)#boot system flash:c3750-ipservicesk9-mz.122-50.SE3.bin
設定啟動c3750-ipservicesk9-mz.122-50.SE3.bin為新IOS
3750G(config)#exit
3750G#wr
*Mar 1 03:59:40: %SYS-5-CONFIG_I: Configured from console by consoler
Building configuration...
[OK]
3750G#reload
Proceed with reload? [confirm] <b>回車</b>
*Mar 1 03:59:51: %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.
Base ethernet MAC Address: 3c:df:1e:c4:a1:00
Xmodem file system is available.
The password-recovery mechanism is enabled.
Initializing Flash...
flashfs[0]: 501 files, 7 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 32514048
flashfs[0]: Bytes used: 21870080
flashfs[0]: Bytes available: 10643968
flashfs[0]: flashfs fsck took 8 seconds.
...done Initializing Flash.
Boot Sector Filesystem (bs) installed, fsid: 3
done.
Loading "flash:c3750-ipservicesk9-mz.122-
50.SE3.bin"...@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
File "flash:c3750-ipservicesk9-mz.122-50.SE3.bin" uncompressed and installed, entry point: 0x1000000
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, C3750 Software (C3750-IPSERVICESK9-M), Version 12.2(50)SE3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 22-Jul-09 06:19 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02D00000
Initializing flashfs...
flashfs[1]: 501 files, 7 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 32514048
flashfs[1]: Bytes used: 21870080
flashfs[1]: Bytes available: 10643968
flashfs[1]: flashfs fsck took 2 seconds.
flashfs[1]: Initialization complete....done Initializing flashfs.
Checking for Bootloader upgrade.. upgrading.. writing boot sectors..done.
The system will now restart
Boot Sector Filesystem (bs) installed, fsid: 2
……………………………………………………………….中間省略
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 28 WS-C3750G-24TS-1U 12.2(50)SE3 C3750-IPSERVICESK9-M
<b>說明更新成功了</b>
Press RETURN to get started!
<b>配置交換機支援ssh</b>
3750G(config)# enable secret viong
3750G(config)#username viong password 123456
3750G(config)# line vty 0 4
3750G(config-line)#login local
3750G(config-line)#transport input ssh
<b>設定讓</b><b>cisco</b><b>交換機支援</b><b>SSH</b><b>連接配接</b>
也許就那麼幾個步驟!有點畫蛇添足寫這麼多。請别嫌棄我
但為了規範點,還是辛苦點整理出來。
本文轉自viong 51CTO部落格,原文連結:http://blog.51cto.com/viong/282327,如需轉載請自行聯系原作者
![黑客攻擊你的機器,往往用的源IP都不是自己的,都是僞裝打扮後,來攻擊你,這樣,你根本找不到他的位置,也就談不上抓了,那麼[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)