beautypg.com

H3C Technologies H3C S3600 Series Switches User Manual

Page 935

background image

1-45

# Import the client’s public key file Switch001 and name the public key as Switch001.

[SwitchB] public-key peer Switch001 import sshkey Switch001

# Assign public key Switch001 to user client001

[SwitchB] ssh user client001 assign publickey Switch001

# Export the generated DSA host public key pair to a file named Switch002.

[SwitchB] public-key local export dsa ssh2 Switch002

When first-time authentication is not supported, you must first generate a DSA key pair on the server

and save the key pair in a file named Switch002, and then upload the file to the SSH client through FTP

or TFTP.

z

Configure Switch A

# Create a VLAN interface on the switch and assign an IP address, which serves as the SSH client’s

address in an SSH connection.

system-view

[SwitchA] interface vlan-interface 1

[SwitchA-Vlan-interface1] ip address 10.165.87.137 255.255.255.0

[SwitchA-Vlan-interface1] quit

# Generate a DSA key pair

[SwitchA] public-key local create dsa

# Export the generated DSA key pair to a file named Switch001.

[SwitchA] public-key local export dsa ssh2 Switch001

After generating the key pair, you need to upload the key pair file to the server through FTP or TFTP and

complete the server end configuration before you continue to configure the client.

# Disable first-time authentication on the device.

[SwitchA] undo ssh client first-time

This manual is related to the following products: