为了能让cisco交换的远程连接对于账号密码的安全性有所提高,可以用ssh方式连接终端,但是很多出厂的交换机默认的ios是不支持ssh这个功能的,为了能让cisco交换机支持ssh,必须升级带“K9”的IOS.下面是出厂cisco 3750G-24TS默认ios的截图
<a href="http://blog.51cto.com/attachment/201003/001755419.jpg" target="_blank"></a>
3750交换机支持SSH需要12.1(11)EA1以上版本软件。
emi是增强型多层镜像,也就是对路由协议的支持更全;而smi是标准多层镜像。
特性集共有三种:IP BASE、IP Services和Advanced IP Services。
IP BASE:支持第2层转发和基本的第3层路由,包括EIGRP stub模式。
IP Services:包括IP BASE特性集,支持高级第3层路由,如OSPF和组播路由。
Advanced IP Services:包括IP Services,支持IPv6功能。
<b>解决方案步骤:</b><b> </b>
<b>1. </b><b>从</b><b>cisco</b><b>官网下载</b><b>ios</b>
<b>2. </b><b>升级</b><b>ios</b>
<b>3. </b><b>配置交换机支持</b><b>ssh</b>
<b>从cisco官网下载ios</b>
打开cisco官网
<a href="http://www.cisco.com/"><b>http://www.cisco.com<b>找到</b><b>products&services </b><b>点击选择</b><b>cisco ios and nc-os software</b></b></a>
也可以直接打开以下链接:
http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=282504484
会跳出登录界面
未注册的用户根据注册信息填写就行,但有一点就是邮箱一定要填写正确,因为注册后会发一份邮件到您的邮箱去激活才可以使用
<a href="http://blog.51cto.com/attachment/201003/002453696.jpg" target="_blank"></a>
接下来登录进去,选择后缀带SE版本就会自动链接其他页面去了
<a href="http://blog.51cto.com/attachment/201003/002557259.jpg" target="_blank"></a>
跳转下一个页面如下,选择要找交换机型号
<a href="http://blog.51cto.com/attachment/201003/002635849.jpg" target="_blank"></a>
跳转下一个页面如下,点解下载软件
<a href="http://blog.51cto.com/attachment/201003/002709126.jpg" target="_blank"></a>
跳转下一个页面如下,选择最新版本下载。但根据经验的话,最好选择最新版本后退一两个版本。这里我们选择最新IOS版本,并下载带“K9”字符的ios
<b>……………………………………………………省略</b>
<a href="http://blog.51cto.com/attachment/201003/002741953.jpg" target="_blank"></a>
跳转下一个页面如下
<a href="http://blog.51cto.com/attachment/201003/002812721.jpg" target="_blank"></a>
<a href="http://blog.51cto.com/attachment/201003/002933574.jpg" target="_blank"></a>
这样c3750-ipbasek9-mz.122-53.SE3.bin就下载来。后来发现!由于在应用中, cisco 3750G需支持其他一些路由协议。所以我这里就以c3750-ipservicesk9-mz.122-50.SE3.bin为升级版本IOS
提供一个非官网下载链接:
<a target="_blank" href="ftp://87.241.226.154/3750/c3750-ipservicesk9-mz.122-50.SE3.bin">ftp://87.241.226.154/3750/c3750-ipservicesk9-mz.122-50.SE3.bin</a>
11.6 MB大小
CISCO Server TFTP 下载地址:
<a target="_blank" href="ftp://87.241.226.154/3750/c3750-ipservicesk9-mz.122-50.SE3.bin">http://www.skycn.com/soft/18565.html#downUrlMap</a>
这里以CISCO Server TFTP升级方式,如下图
拷贝c3750-ipservicesk9-mz.122-50.SE3.bin
到TFTP目录下面
<a href="http://blog.51cto.com/attachment/201003/003124658.jpg" target="_blank"></a>
<b>升级ios</b>
3750G(config)#interface vlan 1
3750G(config-if)#ip add
3750G(config-if)#ip address 192.168.100.2 255.255.255.0
3750G(config-if)#end
3750G#ping 192.168.100.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
3750G#dir
Directory of flash:/
3 -rwx 1754 Feb 5 2010 16:40:45 +00:00 config.text
4 -rwx 5 Feb 5 2010 16:40:45 +00:00 private-config.text
7 drwx 192 Mar 1 1993 00:07:31 +00:00 c3750-ipbase-mz.122-35.SE5
32514048 bytes total (22883840 bytes free)
3750G#delete/force(不再询问确认) /recursive(删除目录下的子目录和文件) c3750-ipbase-mz.122-35.SE5
3750G#copy tftp flash (从tftp下载ios)
Address or name of remote host 192.168.100.1 输入tftp地址
Source filename c3750-ipservicesk9-mz.122-50.SE3.bin ios名称
Destination filename [c3750-ipservicesk9-mz.122-50.SE3.bin]回车
Accessing tftp://192.168.100.1/c3750-ipservicesk9-mz.122-50.SE3.bin...
Loading c3750-ipservicesk9-mz.122-50.SE3.bin from 192.168.100.1 (via Vlan1):
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 12239852 bytes]
3750G#conf t
Enter configuration commands, one per line. End with CNTL/Z.
3750G(config)#boot system flash:c3750-ipservicesk9-mz.122-50.SE3.bin
设置启动c3750-ipservicesk9-mz.122-50.SE3.bin为新IOS
3750G(config)#exit
3750G#wr
*Mar 1 03:59:40: %SYS-5-CONFIG_I: Configured from console by consoler
Building configuration...
[OK]
3750G#reload
Proceed with reload? [confirm] <b>回车</b>
*Mar 1 03:59:51: %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.
Base ethernet MAC Address: 3c:df:1e:c4:a1:00
Xmodem file system is available.
The password-recovery mechanism is enabled.
Initializing Flash...
flashfs[0]: 501 files, 7 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 32514048
flashfs[0]: Bytes used: 21870080
flashfs[0]: Bytes available: 10643968
flashfs[0]: flashfs fsck took 8 seconds.
...done Initializing Flash.
Boot Sector Filesystem (bs) installed, fsid: 3
done.
Loading "flash:c3750-ipservicesk9-mz.122-
50.SE3.bin"...@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
File "flash:c3750-ipservicesk9-mz.122-50.SE3.bin" uncompressed and installed, entry point: 0x1000000
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, C3750 Software (C3750-IPSERVICESK9-M), Version 12.2(50)SE3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 22-Jul-09 06:19 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02D00000
Initializing flashfs...
flashfs[1]: 501 files, 7 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 32514048
flashfs[1]: Bytes used: 21870080
flashfs[1]: Bytes available: 10643968
flashfs[1]: flashfs fsck took 2 seconds.
flashfs[1]: Initialization complete....done Initializing flashfs.
Checking for Bootloader upgrade.. upgrading.. writing boot sectors..done.
The system will now restart
Boot Sector Filesystem (bs) installed, fsid: 2
……………………………………………………………….中间省略
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 28 WS-C3750G-24TS-1U 12.2(50)SE3 C3750-IPSERVICESK9-M
<b>说明升级成功了</b>
Press RETURN to get started!
<b>配置交换机支持ssh</b>
3750G(config)# enable secret viong
3750G(config)#username viong password 123456
3750G(config)# line vty 0 4
3750G(config-line)#login local
3750G(config-line)#transport input ssh
<b>设置让</b><b>cisco</b><b>交换机支持</b><b>SSH</b><b>连接</b>
也许就那么几个步骤!有点画蛇添足写这么多。请别嫌弃我
但为了规范点,还是辛苦点整理出来。
本文转自viong 51CTO博客,原文链接:http://blog.51cto.com/viong/282327,如需转载请自行联系原作者
![黑客攻击你的机器,往往用的源IP都不是自己的,都是伪装打扮后,来攻击你,这样,你根本找不到他的位置,也就谈不上抓了,那么[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)