beautypg.com

Disable first-time authentication, Displaying and maintaining ssh – H3C Technologies H3C WX6000 Series Access Controllers User Manual

Page 617

background image

64-12

Disable first-time authentication

For successful authentication of an SSH client not supporting first-time authentication, the server host
public key must be configured on the client and the public key name must be specified.

Follow these steps to disable first-time authentication:

To do...

Use the command…

Remarks

Enter system view

system-view

Disable first-time
authentication support

undo ssh client first-time

Optional
By default, first-time authentication
is supported on a client.

Configure the server public key

Refer to

0 Configuring a Client Public

Key

Required
The method of configuring server
public key on the client is similar to
that of configuring client public key
on the server.

Specify the host public key
name of the server

ssh client

authentication server

server

assign publickey keyname

Required

Establishing a Connection Between the SSH Client and the Server

Follow these steps to establish the connection between the SSH client and the server:

To do...

Use the command…

Remarks

Establish a connection
between the SSH client and
the IPv4 server, and specify
the preferred key exchange
algorithm, encryption
algorithms, and HMAC
algorithms for them

ssh2

server [ port-number ] [ identity-key

{ dsa | rsa } | prefer-ctos-cipher { aes128
| des } | prefer-ctos-hmac { md5 |
md5-96

| sha1 | sha1-96 } | prefer-kex

{ dh-group-exchange | dh-group1 |
dh-group14

} | prefer-stoc-cipher

{ aes128 | des } | prefer-stoc-hmac
{ md5 | md5-96 | sha1 | sha1-96 } ] *

Establish a
connection
between the
SSH client and
the server, and
specify the
preferred key
exchange
algorithm,
encryption
algorithms, and
HMAC
algorithms for
them

Establish a connection
between the SSH client and
the IPv6 server, and specify
the preferred key exchange
algorithm, encryption
algorithms, and HMAC
algorithms for them

ssh2

ipv6 server [ port-number ]

[ identity-key { dsa | rsa } |
prefer-ctos-cipher

{ aes128 | des } |

prefer-ctos-hmac

{ md5 | md5-96 | sha1

| sha1-96 } | prefer-kex
{ dh-group-exchange | dh-group1 |
dh-group14

} | prefer-stoc-cipher

{ aes128 | des } | prefer-stoc-hmac
{ md5 | md5-96 | sha1 | sha1-96 } ] *

Required
Use either
command in
user view.

Displaying and Maintaining SSH

To do…

Use the command…

Remarks

Display information about the public keys of
the local key pair

display public-key local

{ dsa |

rsa

} public

Available in any view

Display information about the public keys

display public-key peer

[ brief |

name publickey-name

]

Available in any view

Display the source IP address or interface
currently set for the SFTP client

display sftp client source

Available in any view

See also other documents in the category H3C Technologies Routers: