Network requirements, Configuration procedure – H3C Technologies H3C S7500E Series Switches User Manual

11-24

[SwitchA] ssh client authentication server 10.165.87.136 assign publickey key1

[SwitchA] quit

# Establish an SSH connection to server 10.165.87.136.

ssh2 10.165.87.136

Username: client001

Trying 10.165.87.136

Press CTRL+K to abort

Connected to 10.165.87.136...

Enter password:

After you enter the correct password, you can log into Switch B successfully.

When Switch Acts as Client for Publickey Authentication

Network requirements

z

As shown in

Figure 11-14

, Switch A (the SSH client) needs to log into Switch B (the SSH server)

through the SSH protocol.

z

Publickey authentication is used, and the public key algorithm is DSA.

Figure 11-14 Switch acts as client for publickey authentication

Configuration procedure

During SSH server configuration, the client public key is required. Therefore, you are recommended to

use the client software to generate a DSA key pair on the client before configuring the SSH server.

1) Configure the SSH client

# Create VLAN-interface 1 and assign an IP address to it.

system-view

[SwitchA] interface vlan-interface 1

[SwitchA-Vlan-interface1] ip address 10.165.87.137 255.255.255.0

[SwitchA-Vlan-interface1] quit

# Generate a DSA key pair.

[SwitchA] public-key local create dsa

The range of public key size is (512 ~ 2048).

NOTES: If the key modulus is greater than 512,

It will take a few minutes.

Press CTRL+C to abort.

Input the bits of the modulus[default = 1024]:

Generating Keys...

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++