beautypg.com

Generating/destroying a rsa or dsa key pair – H3C Technologies H3C WX3000 Series Unified Switches User Manual

Page 477

background image

46-5

Task

Remark

Assigning a Public Key to an SSH User

Required for pubilckey authentication;
unnecessary for password authentication

Specifying a Source IP Address/Interface for
the SSH Server

Optional

Configuring the Protocol Support for the User Interface

You must configure the supported protocol(s) for SSH remote login. Note that the configuration does not
take effect immediately, but will be effective for subsequent login requests.

Follow these steps to configure the protocol(s) that a user interface supports:

To do…

Use the command…

Remarks

Enter system view

system-view

Enter the view of one or multiple
user interfaces

user-interface

[ type ] first-number

[ last-number ]

Configure the authentication mode
as scheme

authentication-mode

scheme

[ command-authorization ]

Required
By default, the user interface
authentication mode is password

Specify the supported protocol(s)

protocol inbound

{ all |ssh |

telnet

}

Optional
By default, both Telnet and SSH
are supported.

z

If you have configured a user interface to support SSH protocol, you must configure AAA
authentication for the user interface by using the authentication-mode scheme command to
ensure successful login.

z

On a user interface, if the authentication-mode password or authentication-mode none
command has been executed, the protocol inbound ssh command is not available. Similarly, if
the protocol inbound ssh command has been executed, the authentication-mode password
and authentication-mode none commands are not available.

Generating/Destroying a RSA or DSA Key Pair

This configuration task lets you generate or destroy a key pair. You must generate an RSA or DSA key
pair on the server for an SSH client to log in successfully. When generating a key pair, you will be
prompted to enter the key length in bits, which is between 512 and 2048. In case a key pair already
exists, the system will ask whether to replace the existing key pair.

Follow these steps to create or destroy a key pair:

To do…

Use the command…

Remarks

Enter system view

system-view

See also other documents in the category H3C Technologies Routers: