Network requirements, Configuration procedure – H3C Technologies H3C S6300 Series Switches User Manual

304

•

When the device acts as a NETCONF-over-SSH server, only RSA and ECDSA key pairs are

supported. Do not generate a DSA key pair on the NETCONF-over-SSH server.

Network requirements

As shown in

Figure 98

:

•

The switch uses local password authentication.

•

The client's username and password are saved on the switch.

Establish a NETCONF-over-SSH connection between the host and the switch, so that you can log in to the
switch to perform NETCONF operations.

Figure 98 Network diagram

Configuration procedure

# Generate RSA key pairs.

system-view

[Switch] public-key local create rsa

The range of public key size is (512 ~ 2048).

If the key modulus is greater than 512, it will take a few minutes.

Press CTRL+C to abort.

Input the modulus length [default = 1024]:

Generating Keys...

........................++++++

...................++++++

..++++++++

............++++++++

Create the key pair successfully.

# Generate a DSA key pair.

[Switch] public-key local create dsa

The range of public key size is (512 ~ 2048).

If the key modulus is greater than 512, it will take a few minutes.

Press CTRL+C to abort.

Input the modulus length [default = 1024]:

Generating Keys...

.++++++++++++++++++++++++++++++++++++++++++++++++++*

........+......+.....+......................................+

...+.................+..........+...+.

Create the key pair successfully.

# Enable NETCONF over SSH.

[Switch] netconf ssh server enable