2 ssh server configuration, 2 ssh server configuration -3 – H3C Technologies H3C S3100 Series Switches User Manual

Operation Manual – SSH Terminal Service

H3C S3100-52P Ethernet Switch

Chapter 1 SSH Terminal Service

1-3

z

The server starts to authenticate the user. If the user is configured as having no
authentication on the server, the following step is skipped and the session request
stage starts directly.

z

The server authenticates the user in some way (see the following note), till the
authentication succeeds or the connection is terminated due to authentication
timeout.

Note:

SSH provides two kinds of authentication: password authentication and RSA
authentication.
(1) Password authentication works as follows:

z

The client sends the username and password to the server.

z

The server compares the received username and password against those
configured locally. The user passes the authentication if the server finds a match for
both username and password.

(2) RSA authentication works as follows:

z

Configure the RSA public key of the client at the server.

z

The client sends the member module of its RSA public key to the server.

z

The server checks the validity of the member module. If it is valid, the server
generates a random number, which is sent to the client after being encrypted with
RSA public key of the client.

z

Both the server and the client calculate authentication data by using the random
number and session ID.

z

The client sends the authentication data it calculates to the server.

z

The server compares the received authentication data with the authentication data
on itself. If they are identical, the authentication succeeds.

4) Session request stage. The client sends a session request to the server, which

processes the request and establish a session.

5) Interactive session stage. Both ends exchange data till the session ends.

1.1.2 SSH Server Configuration

The following table describes SSH Server configuration tasks.