Disable first-time authentication, Client, Configuring whether first-time authentication is – H3C Technologies H3C S7500E Series Switches User Manual

11-11

Specifying a Source IP address/Interface for the SSH Client

This configuration task allows you to specify a source IP address or interface for the client to access

the SSH server, improving service manageability.

To do…

Use the command…

Remarks

Enter system view

system-view

—

Specify a

source IPv4

address or

interface for

the SSH client

ssh client source { ip ip-address | interface

interface-type interface-number }

Specify a

source IP

address or

interface for

the SSH client

Specify a

source IPv6

address or

interface for

the SSH client

ssh client ipv6 source { ipv6 ipv6-address |

interface interface-type interface-number }

Required

Select either

approach

By default, an SSH

client uses the IP

address of the

interface specified

by the route of the

device to access

the SSH server.

Configuring Whether First-time Authentication is Supported

When the device connects to the SSH server as an SSH client, you can configure whether the device

supports first-time authentication.

z

With first-time authentication, when an SSH client not configured with the server host public key

accesses the server for the first time, the user can continue accessing the server, and save the

host public key on the client. When accessing the server again, the client will use the saved

server host public key to authenticate the server.

z

Without first-time authentication, a client not configured with the server host public key will deny to

access the server. To access the server, a user must configure in advance the server host public

key locally and specify the public key name for authentication.

Enable the device to support first-time authentication

Follow these steps to enable the device to support first-time authentication:

To do...

Use the command…

Remarks

Enter system view

system-view

—

Enable the device to support

first-time authentication

ssh client first-time enable

Optional

By default, first-time authentication

is supported on a client.

Disable first-time authentication

For successful authentication of an SSH client not supporting first-time authentication, the server host

public key must be configured on the client and the public key name must be specified.

Follow these steps to disable first-time authentication: