CISCO IOS中,SSH建立的时候,需要USERNAME和DOMAIN NAME来创建,CISCO需要将这两者组合加密,才能封装成相应的SSH文件,所以,如果只在VTY中设置使用SSH模式,而没有创建SSH文件的话,仍然无法以SSH模式连接。

所以,具体的建立顺序应该是这样的:

router (config)# hostname netrouter netrouter (config)# ip domain-name ciscolab.home netrouter (config)# crypto key generate rsa The name for the keys will be: netrouter.ciscolab.home Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.

How many bits in the modulus [512]: 1024 % Generating 1024 bit RSA keys …[OK]                     (这里需要设定大于512才可以生成SSHv2)

netrouter (config)# ip ssh authentication-retries 5        (密码重试次数) netrouter (config)# ip ssh time-out 120                    (登录时留给输入密码的时间) netrouter (config)# ip ssh version 2