3Com 10014303 User Manual

Table 3-2 Configure and destroy RSA key-pairs

Operation

Command

Generate RSA key-pairs

rsa local-key-pair create

Destroy the RSA key-pairs

rsa local-key-pair destroy

Caution:

An essential operation underlying a successful SSH login is generating local RSA key-pairs. Before
performing any other SSH configuration tasks, you must generate a local key-pair by configuring the rsa
local-key-pair create command.
It is only necessary for you to execute this command once and you do not have to execute it again after
rebooting the router.

II. Configure Authentication Type for an SSH User

Only SSH users can pass the SSH authentication. There are two SSH authentication

modes: password authentication and RSA authentication. You can use both at the

same time.

When configuring the SSH user, you must set the SSH user’s rights (Administrator,

Operator or Guest) and specify the authentication mode.

Perform the following configuration in system view.

Table 3-3 Configure authentication type for an SSH user

Operation

Command

Configure an SSH user

local-user username service-type ssh { administrator | operator |
guest } password { simple | cipher } password

Configure an authentication type for
an SSH user

ssh user username authentication-type

{ password | RSA | all }

Remove the authentication type set
for the specified SSH user

undo ssh user username authentication-type

By default, login authentication type is not specified for users. Login requests are

refused.

Perform this task to set a server key-pair updating interval for securing the SSH

connections to the system.

Perform the following configuration in system view.

Table 3-4 Set server key-pair updating interval

Operation

Command

3Com Router Configuration Guide Addendum for V1.20

30