beautypg.com

Network diagram, Configuration procedure – H3C Technologies H3C S3600 Series Switches User Manual

Page 934

background image

1-44

Network diagram

Figure 1-32 Switch acts as client and first-time authentication is not supported

Configuration procedure

z

Configure Switch B

# Create a VLAN interface on the switch and assign an IP address for it to serve as the destination of

the client.

system-view

[SwitchB] interface vlan-interface 1

[SwitchB-Vlan-interface1] ip address 10.165.87.136 255.255.255.0

[SwitchB-Vlan-interface1] quit

Generating the RSA and DSA key pairs on the server is prerequisite to SSH login.

# Generate RSA and DSA key pairs.

[SwitchB] public-key local create rsa

[SwitchB] public-key local create dsa

# Set AAA authentication on user interfaces.

[SwitchB] user-interface vty 0 4

[SwitchB-ui-vty0-4] authentication-mode scheme

# Configure the user interfaces to support SSH.

[SwitchB-ui-vty0-4] protocol inbound ssh

# Set the user command privilege level to 3.

[SwitchB-ui-vty0-4] user privilege level 3

[SwitchB-ui-vty0-4] quit

# Specify the authentication type for user client001 as publickey.

[SwitchB] ssh user client001 authentication-type publickey

Before doing the following steps, you must first generate a DSA key pair on the client and save the key

pair in a file named Switch001, and then upload the file to the SSH server through FTP or TFTP. For

details, refer to the following “Configure Switch A”.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: