R0106-HP MSR Router Series Security Configuration Guide(V7)
54
Figure 13 Adding an account for device management
2. Configure the router:
# Assign an IP address to interface GigabitEthernet 2/1/1, the SSH user access interface.
<Router> system-view
[Router] interface gigabitethernet 2/1/1
[Router-GigabitEthernet2/1/1] ip address 192.168.1.70 255.255.255.0
[Router-GigabitEthernet2/1/1] quit
# Assign an IP address to interface GigabitEthernet 2/1/2, through which the router
communicates with the server.
[Router] interface gigabitethernet 2/1/2
[Router-GigabitEthernet2/1/2] ip address 10.1.1.2 255.255.255.0
[Router-GigabitEthernet2/1/2] quit
# Create local RSA and DSA key pairs.
[Router] public-key local create rsa
[Router] public-key local create dsa
# Enable the SSH service.
[Router] ssh server enable
# Enable scheme authentication for user lines VTY 0 through VTY 63.
[Router] line vty 0 63
[Router-line-vty0-63] authentication-mode scheme
[Router-line-vty0-63] quit
# Enable the default user role function to assign authenticated SSH users the default user role
network-operator.