InspurS6650等保命令
conf t
//启用SSH,并配置登录超时10分钟
ip ssh version 2 ip domain name inspur crypto key generate rsa general-keys modulus 1024 ip ssh time-out 120
/开启强密码检测及密码有效期
aaa new-model aaa common-criteria policy policyl lifetime month 3 max-length 24 min-length 8lower-case 1 numeric-count 1 special-case 1 upper-case 1 exit
//创建不同权限的用户
username userl privilege 15 common-criteria-policy policyl secer Inspur@123 username user2 privilege 10 common-criteria-policy policyl secert Inspur@123 username user3 privilege 5 common-criteria-policy policyl secert Inspur@123
//登录5次失败锁定10分钟
login block-for 600 attempts 5 within 60
//配置登录ACL
ip access-list standard UsersLogin 10 permit x.x.x.x exit
//设置登录协议、登录ACL引|用
line vty 0 4 transport input ssh access-class UsersLogin in exit
//配置日志服务器
logging host x.x.x.x logging source-interface eth x/x vrf VRF-NAME
/配置NTP、SNMP
ntp server x.x.x.x snmp-server community inspur RO snmp-sec
//配置镜像接
monitor session 1 source interface Tel/0/xmonitor session destination interface Tel/0/y
//退出配置视图并保存配置
end write