H3C Technologies H3C S6300 Series Switches User Manual
Page 318
303
........+......+.....+......................................+
...+.................+..........+...+.
Create the key pair successfully.
# Enable the SSH server.
[SwitchB] ssh server enable
# Configure an IP address for VLAN-interface 2. The SCP client uses this address as the destination
for SCP connection.
[SwitchB] interface vlan-interface 2
[SwitchB-Vlan-interface2] ip address 192.168.0.1 255.255.255.0
[SwitchB-Vlan-interface2] quit
# Create a local device management user named client001 with the plaintext password aabbcc,
the service type ssh, and the user role network-admin.
[SwitchB] local-user client001 class manage
[SwitchB-luser-manage-client001] password simple aabbcc
[SwitchB-luser-manage-client001] service-type ssh
[SwitchB-luser-manage-client001] authorization-attribute user-role network-admin
[SwitchB-luser-manage-client001] quit
# Configure an SSH user client001 with service type scp and authentication method password.
[SwitchB] ssh user client001 service-type scp authentication-type password
2.
Configure an IP address for VLAN-interface 2 on the SCP client.
[SwitchA] interface vlan-interface 2
[SwitchA-Vlan-interface2] ip address 192.168.0.2 255.255.255.0
[SwitchA-Vlan-interface2] quit
[SwitchA] quit
3.
Connect to the SCP server, download the file remote.bin from the server, and save it locally with
the name local.bin.
Username: client001
Connecting to 192.168.0.1 port 22.
The server is not authenticated. Continue? [Y/N]:y
Do you want to save the server public key? [Y/N]:n
[email protected]’s password:
remote.bin 100% 2875 2.8KB/s 00:00
NETCONF over SSH configuration example with
password authentication
This example is available in Release 2311P04 and later versions.
The device in the configuration example is in non-FIPS mode.
When you configure NETCONF-over-SSH on a device that operates in FIPS mode, follow these
restrictions and guidelines:
•
The modulus length of the key pair must be 2048 bits.