Enabling the ssh server function, Enabling the sftp server function – H3C Technologies H3C S12500-X Series Switches User Manual

Page 184

172

492B

Configuration guidelines

•

SSH supports locally generated DSA and RSA key pairs with default names rather than with

specified names. For more information about the commands that are used to generate keys, see
Security Command Reference.

•

The public-key local create rsa command generates a server key pair and a host key pair for RSA.
SSH1 uses the public key in the server key pair of the SSH server to encrypt the session key before

transmitting the session key. Because SSH2 uses the DH algorithm to separately generate the

session key on the SSH server and the client, no session key transmission is required and thus the
server key pair is not used in SSH2.

•

The public-key local create dsa command generates only a host key pair. SSH1 does not support
the DSA algorithm.

•

The key modulus length must be less than 2048 bits when you use the public-key local create dsa
command to generate the DSA key pair on the SSH server.

493B

Configuration procedure

To generate local DSA or RSA key pairs on the SSH server:

Step Command

Remarks

Enter system view.

system-view

N/A

Generate local DSA or RSA
key pairs.

public-key local create { dsa | rsa }

By default, no key pairs exist.

265B

Enabling the SSH server function

The SSH server function on the device allows clients to communicate with the device through SSH.
The device that acts as an SSH server does not support SFTP or SCP connection initiated by an SSH1

client.
To enable the SSH server function:

Step Command

Remarks

Enter system view.

system-view

N/A

Enable the SSH server
function.

ssh server enable

By default, the SSH server function
is disabled.

266B

Enabling the SFTP server function

This SFTP server function enables clients to log in to the device through SFTP.
To enable the SFTP server function:

Step Command

Remarks

Enter system view.

system-view

N/A

Enable the SFTP server
function.

sftp server enable

By default, the SFTP server function
is disabled.

This manual is related to the following products:

H3C S5560 Series Switches H3C WX6000 Series Access Controllers H3C WX5000 Series Access Controllers H3C WX3000 Series Unified Switches H3C LSWM1WCM10 Access Controller Module H3C LSWM1WCM20 Access Controller Module H3C LSQM1WCMB0 Access Controller Module H3C LSRM1WCM2A1 Access Controller Module H3C LSBM1WCM2A0 Access Controller Module H3C S9800 Series Switches H3C S5130 Series Switches H3C S5120 Series Switches