beautypg.com

Ssh configuration examples, Network requirements – H3C Technologies H3C S3100 Series Switches User Manual

Page 734

background image

1-21

Operation

Original commands

Current commands

Display information about
the peer RSA public keys

display rsa peer-public-key
[ brief | name keyname ]

display public-key peer [ brief |
name pubkey-name ]

Generate a RSA key pair

rsa local-key-pair create

public-key local create rsa

Destroy a RSA key pair

rsa local-key-pair destroy

public-key local destroy rsa

Enter public key view

rsa peer-public-key keyname public-key

peer

keyname

Import RSA public key from
public key file

rsa peer-public-key keyname
import sshkey filename

public-key peer keyname
import sshkey filename

Specify publickey
authentication as the
default authentication type

ssh authentication-type default
rsa

ssh authentication-type
default publickey

Specify on the client the
host public key of the
server to be connected

ssh client { server-ip |
server-name } assign rsa-key
keyname

ssh client { server-ip |
server-name } assign publickey
keyname

Assign a public key to an
SSH user

ssh user username assign
rsa-key keyname

ssh user username assign
publickey keyname

Create an SSH user and
specify pubblickey
authentication as its
authentication type

ssh user username
authentication-type rsa

ssh user username
authentication-type publickey

z

After the RSA key pair is generated, the display rsa local-key-pair public command displays two

public keys (the host public key and server public key) when the S3100-EI switch is working in

SSH1-compatible mode, but only one public key (the host public key) when the switch is working in

SSH2 mode.

z

The result of the display rsa local-key-pair public command or the public key converted with the

SSHKEY tool contains no information such as the authentication type, so they cannot be directly

used as parameters in the public-key peer command. For the same reason, neither can the result

of the display public-key local rsa public command be used in the rsa peer-public-key

command directly.

SSH Configuration Examples

When Switch Acts as Server for Local Password Authentication

Network requirements

As shown in

Figure 1-10

, establish an SSH connection between the host (SSH Client) and the switch

(SSH Server) for secure data exchange. The host runs SSH2.0 client software. Password

authentication is required.

See also other documents in the category H3C Technologies Routers: