Ssh configuration examples, Network requirements, Network diagram – H3C Technologies H3C S3600 Series Switches User Manual

1-25

Operation

Original commands

Current commands

Specify on the client the
host public key of the
server to be connected

ssh client { server-ip |
server-name } assign rsa-key
keyname

ssh client { server-ip |
server-name } assign publickey
keyname

Assign a public key to an
SSH user

ssh user username assign
rsa-key keyname

ssh user username assign
publickey keyname

Create an SSH user and
specify publickey
authentication as its
authentication type

ssh user username
authentication-type rsa

ssh user username
authentication-type publickey

z

After RSA key pairs are generated, the display rsa local-key-pair public command displays two

public keys (the host public key and server public key) when the switch is working in

SSH1-compatible mode, but only one public key (the host public key) when the switch is working in

SSH2 mode.

z

The results of the display rsa local-key-pair public command or the public key converted with the

SSHKEY tool contains no information such as the authentication type, so they cannot be directly

used as parameters in the public-key peer command. For the same reason, neither can the

results of the display public-key local rsa public command be used in the rsa peer-public-key

command directly.

SSH Configuration Examples

When Switch Acts as Server for Local Password Authentication

Network requirements

As shown in

Figure 1-11

, establish an SSH connection between the host (SSH Client) and the switch

(SSH Server) for secure data exchange. The host runs SSH2.0 client software. Password

authentication is required.

Network diagram

Figure 1-11 Switch acts as server for local password authentication

Configuration procedure

z

Configure the SSH server

# Create a VLAN interface on the switch and assign an IP address, which the SSH client will use as the

destination for SSH connection.