H3C Technologies H3C S7500E Series Switches User Manual
Page 237
12-7
[SwitchA] public-key local export rsa ssh2 pubkey
[SwitchA] quit
Then, you need to transmit the public key file to the server through FTP or TFTP.
2) Configure the SFTP server
# Generate the RSA key pairs.
[SwitchB] public-key local create rsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++++
++++++++++++++
+++++
++++++++
# Generate a DSA key pair.
[SwitchB] public-key local create dsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++
# Enable the SSH server.
[SwitchB] ssh server enable
# Enable the SFTP server.
[SwitchB] sftp server enable
# Configure an IP address for VLAN-interface 1, which the SSH client uses as the destination for SSH
connection.
[SwitchB] interface vlan-interface 1
[SwitchB-Vlan-interface1] ip address 192.168.0.1 255.255.255.0
[SwitchB-Vlan-interface1] quit
# Set the authentication mode on the user interfaces to AAA.
[SwitchB] user-interface vty 0 4
[SwitchB-ui-vty0-4] authentication-mode scheme
# Set the protocol that a remote user uses to log in as SSH.
[SwitchB-ui-vty0-4] protocol inbound ssh
[SwitchB-ui-vty0-4] quit
# Import the peer public key from the file pubkey.
[SwitchB] public-key peer Switch001 import sshkey pubkey
# For user client001, set the service type as SFTP, authentication method as publickey, public key as
Switch001, and working folder as flash:/
[SwitchB] ssh user client001 service-type sftp authentication-type publickey assign publickey
Switch001 work-directory flash:/