初始化配置
串口连接信息
可以下载一个 MobaXterm ,新建 Session 选择 Serial 连接。
| 参数 | 值 |
|---|---|
| 比特率 | 9600 |
| 数据位 | 8 |
| 停止位 | 1 |
| 校验位 | None |
| 流控 | None |
设置主机名(可选)
[Huawei] sysname S6720-SW
[S6720-SW]
设置 console 登录密码
<Huawei> system-view
[Huawei] user-interface console 0
[Huawei-ui-console0] authentication-mode password
[Huawei-ui-console0] set authentication password cipher YOUR_NEW_PASSWORD
[Huawei-ui-console0] idle-timeout 10 0 // 可选,设置10分钟无操作自动退出
[Huawei-ui-console0] return
<Huawei> save
设置完成后,下次通过串口登录时就会提示输入密码。
设置 VTY 登录(远程 Telnet/SSH)
| 通道类型 | 用途 | 配置命令 |
|---|---|---|
| console | 串口登录(本地线缆) | user-interface console 0 |
| vty 0 4 | 远程登录 | user-interface vty 0 4 |
[Huawei] user-interface vty 0 4
[Huawei-ui-vty0-4] authentication-mode aaa
[Huawei-ui-vty0-4] protocol inbound ssh
[Huawei-ui-vty0-4] idle-timeout 10 0
[Huawei-ui-vty0-4] return
vty 0 4表示配置虚拟终端口(VTY),编号从 0 到 4,一共 5 个远程登录通道。(最大支持15个,0~14)
什么是 VTY?
VTY(Virtual Teletype)是华为设备上用于 Telnet / SSH 等远程登录的逻辑通道。VTY 默认支持 5 个并发远程登录用户(0~4)。
设置本地管理员账号(用于 SSH 远程登录)
[Huawei] aaa
[Huawei-aaa] local-user admin password cipher YOUR_PASSWORD
[Huawei-aaa] local-user admin privilege level 15
[Huawei-aaa] local-user admin service-type ssh
重置 console 密码
密码已遗忘,无法进入命令行(需要 BootROM 模式)
重启交换机,进入 BootROM
- 保持串口连接
- 重启设备(拔插电源或远程重启)
- 当屏幕出现如下提示(需尽早按 Ctrl+B):
Press Ctrl+B to enter BootROM menu.
立刻按下 Ctrl + B(注意 B 必须大写)
输入 BootROM 密码(默认密码)
- console 重置密码有时候需要输入内置的默认密码验证
- Huawei12#$ (早期设备)
Admin@huawei.com(较新设备)
清除 console 用户密码
选项选择“Clear password for console user”等类似的关键词,清除成功之后选择“Boot with default mode”启动默认的模式,然后设置新的 console 密码即可。
回车后重新设置密码
<Huawei> system-view
[Huawei] user-interface console 0
[Huawei-ui-console0] set authentication password cipher YOUR_NEW_PASSWORD
[Huawei-ui-console0] return
<Huawei> save
但是我这里报错:
[Huawei-ui-console0]set authentication password cipher mypass.com
Error: The password cannot be set under the authentication mode which is not the password mode.
说明我当前的 console 登录认证模式不是 password,而可能是 aaa,因此无法用 set authentication password cipher 设置密码。
将 console 修改为 password 模式认证:
[Huawei] user-interface console 0
[Huawei-ui-console0] authentication-mode password
[Huawei-ui-console0] set authentication password cipher YOUR_NEW_PASSWORD
[Huawei-ui-console0] return
<Huawei> save
温馨提示:每种登录方式(console / ssh / telnet)都可以单独配置认证方式(password 或者 aaa),其中 ssh 必须为 aaa 认证。
具体的实操过程
Wind River Linux 6.0.0.30 localhost console
localhost login: root (automatic login)
Jan 23 2017, 19:34:09
BootLoad version : 020a.0001
Backup U-Boot ............................................................. done
Backup RCW ................................................................ done
Press Ctrl+B or Ctrl+E to enter BootLoad menu: 2
Password:
The default password is used now. Change the password.
BootLoad Menu
1. Boot with default mode
2. Enter serial submenu
3. Enter startup submenu
4. Enter ethernet submenu
5. Enter filesystem submenu
6. Enter password submenu
7. Clear password for console user
8. Reboot
(Press Ctrl+E to enter diag menu)
Enter your choice(1-8): 7
Note: Clear password for console user? Yes or No(Y/N): Y
Clear password for console user successfully.
Note: Choose "1. Boot with default mode" to boot, then set a new password
BootLoad Menu
1. Boot with default mode
2. Enter serial submenu
3. Enter startup submenu
4. Enter ethernet submenu
5. Enter filesystem submenu
6. Enter password submenu
7. Clear password for console user
8. Reboot
(Press Ctrl+E to enter diag menu)
Enter your choice(1-8): 1
Now, the current startup file is flash:/1.cc
Info: Check signature, please wait........................
...
...
Recover configuration begin ...
Recover configuration end
Press ENTER to get started.
Warning: There is a risk on the user-interface which you login through. Please change the configuration of the user-interface as soon as possible.
<Huawei> system-view
[Huawei] user-interface console 0
[Huawei-ui-console0] authentication-mode password
[Huawei-ui-console0] set authentication password cipher YOUR_NEW_PASSWORD
[Huawei-ui-console0] idle-timeout 10 0
[Huawei-ui-console0] return
<Huawei> save
...
根据提示按 Y 保存配置
评论区