• 5 Amaliy ishi uchun topshiriq
  • Nazorat savollari
    		•

    SSH protokolini yoqish va sozlash




    Download 1.52 Mb.
    bet3/3
    Sana28.10.2023
    Hajmi1.52 Mb.
    #90624
    1   2   3
    Bog'liq
    Amaliy ishini №5 KT uzb (2)
    компютер ташкил этиш — копия, компютер тармоқлари
    SSH protokolini yoqish va sozlash:
    Router va PC4 qo'shishingiz kerak, qo'shilgan tarmoq elementlari kalitga ulanishi kerak. PC4 bilan routerga konsol kabeli ulangan bo'lishi kerak. Biz PC4-dan faqat SSH-ni sozlash uchun foydalanamiz, marshrutizator va kalitning keyingi konfiguratsiyasi administrator kompyuteri (PC3) orqali amalga oshiriladi.

    4.6-rasm – PC4-ni routerga konsol kabeli bilan ulash. Oʻzgartirishni sozlash.
    Keyinchalik, kalitda biz routerga ulangan portlarni ko'taramiz:
    KompSetiS(config)#int fa0/5
    KompSetiS(config-if)#switchport mode trunk
    KompSetiS(config-if)#exit

    Keyinchalik, kompyuter konsoli orqali kirish uchun IP manzilini, router nomini va parolni belgilashingiz kerak. Routerni oching, CLI bo'limiga o'ting va quyidagi sozlamalarni o'rnating:


    Router>enable
    Router#conf t
    Router (config)#hostname KompSetiR
    KompSetiR(config)#enable secret 312
    KompSetiR(config)#int gig0/0
    KompSeti(config-if)#ip address 192.168.1.11 255.255.255.0
    KompSeti(config-if)#no shutdown
    KompSeti(config-if)#exit

    4.7-rasm – Routerga kirish uchun nom va parolni belgilash.
    Keyinchalik, biz PC3-ga kiramiz, konsolni ochamiz, buning uchun siz yuqori yorliqda tanlashingiz kerak Desktop → Terminal → OK

    4.8-rasm – Routerdagi sozlamalarning to'g'riligini kompyuter konsolidan tekshiramiz.
    Administrator hisobini yarating va parol va imtiyozlar darajasini o'rnating

    KompSetiR(config)#username admin privilege 15 password 15


    Biz virtual ulanishni ko'taramiz, terminal liniyalari konfiguratsiyasini kiritamiz va masofaviy ulanish turini (SSH) tanlaymiz.
    KompSeti(config)#line console 0
    KompSeti(config-line)#login local
    KompSeti(config-line)#end
    KompSeti#int vlan 1
    KompSeti(config)#line vty 0 4
    KompSeti(config-line)#transport input telnet
    KompSeti(config-line)#login local
    KompSeti(config-line)#end

    4.9-rasm – Hisob yarating va masofaviy kirishni o'rnating
    SSH protokoli orqali ulanishni o'rnatish uchun siz domen nomini (Router) belgilashingiz, kriptografik kirish kalitini yaratishingiz va SSH 2-versiya protokolining o'zini yoqishingiz kerak.
    KompSetiM(config)#ip domain-name Router
    KompSetiM(config)#ip ssh version 2
    Please create RSA keys (of at least 768 bits size) to enable SSH v2.
    KompSetiM(config)#crypto key generate rsa
    The name for the keys will be: KompSetiM.Router
    Choose the size of the key modulus in the range of 360 to 2048 for your
    General Purpose Keys. Choosing a key modulus greater than 512 may take
    a few minutes.
    How many bits in the modulus [512]: 1024
    % Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
    KompSetiM(config)#ip ssh verison 2
    *Mar 1 0:47:18.582: %SSH-5-ENABLED: SSH 2 has been enabled

    4.10 – SSH sozlamalari
    Routerga masofadan kirishni ssh protokoli orqali tekshiramiz. Birinchidan, biz Ping buyrug'idan foydalanamiz, keyin biz Telnet protokoli yordamida ulanishga harakat qilamiz, biz muvaffaqiyatsizlikni ko'ramiz, keyin ssh protokoli yordamida ulanishga harakat qilamiz.
    C:\>ping 192.168.1.11
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    C:\>telnet 192.168.1.11
    Trying 192.168.1.11 ...Open
    [Connection to 192.168.1.11 closed by foreign host]
    C:\>ssh -l admin 192.168.1.11
    Password: «вводим пароль»
    KompSetiR#

    4.11 – rasm Routerga SSH orqali masofadan kirishni tekshirish
    4-laboratoriya oxirida, barcha konsol kabellari olib tashlangan holda, bizda quyidagi IP manzillari va nomlari bilan 1 ta kalit, 1 router va 4 ta kompyuterni o'z ichiga olgan tarmoq mavjud:



    Наименование

    IP адрес

    1

    Switch (KompSetiS)

    192.168.1.200

    1

    Router (KompSetiR)

    192.168.1.210

    1

    Admin PC

    192.168.1.2

    2

    PC0

    192.168.1.3

    3

    PC1

    192.168.1.4

    4

    PC2

    192.168.1.5

    Switch (KompSetiS): Username: admin; Password: 15
    Router (KompSetiR): Username: admin; Password: 15

    4.12-rasm – Tarmqoni oxirgi natijasi, laboratoriya ishi № 4
    5 Amaliy ishi uchun topshiriq:

    • Admin PC kompyuterdan kommutatorga Telnet ulanishini o'rnating;

    • Admin PC kompyuteridan SSH routerga SSH ulanishini o‘rnating;

    • Quyidagi laboratoriyalar uchun tarmoqni tayyorlang.

    Nazorat savollari

      1. Telnet protokoli nima uchun zarur?

    2. Telnet protokolidan foydalanishning foydasi nimada?
    3. Telnet va SSH o'rtasidagi farq nima?
    4. Nima uchun Telnet protokolidan foydalanish xavfsizlik uchun xavf hisoblanadi?
    5. SSH protokolidan foydalanishning afzalligi nima?
    Download 1.52 Mb.
    1   2   3




    Download 1.52 Mb.