Generating/destroying key pairs – H3C Technologies H3C S3100 Series Switches User Manual

1-7

z

You can configure a login header only when the service type is stelnet. For configuration of service

types, refer to

Specifying a Service Type for an SSH User

.

z

For details of the header command, refer to the corresponding section in Login Command.

z

Currently, only the S3100-EI series support the ssh server rekey-interval command.

Configuring the SSH Server to Be Compatible with SSH1 Clients

Follow these steps to configure the SSH server to be compatible with SSH1 clients:

To do...

Use the command...

Remarks

Enter system view

system-view

—

Configure the SSH server to be
compatible with SSH1 clients

ssh server
compatible-ssh1x
enable

Optional

By default, the SSH server is
compatible with SSH1 clients.

Currently, only the S3100-EI series support the ssh server compatible-ssh1x enable command.

Generating/Destroying Key Pairs

This configuration task lets you generate or destroy a key pair. You must generate an RSA and DSA key

pair on the server for an SSH client to log in successfully. When generating a key pair, you will be

prompted to enter the key length in bits, which is between 512 and 2048. The default length is 1024. In

case a key pair already exists, the system will ask whether to replace the existing key pair.

Table 1-5 Follow these steps to create or destroy key pairs:

To do...

Use the command...

Remarks

Enter system view

system-view

—

Generate an RSA key pair

public-key local create rsa

Required

By default, no RSA key pair is
created.

Destroy the RSA key pair

public-key local destroy rsa

Optional

Use the command to destroy
the generated RSA key pair.

Generate a DSA key pair

public-key local create dsa

Required

By default, no DSA key pair is
created.