Specifying a service type for an ssh user, Configuring ssh management – H3C Technologies H3C WX3000 Series Unified Switches User Manual

46-8

z

Under the password authentication mode, the level of commands available to a logged-in SSH
user is determined by AAA, and different users with this authentication mode may enjoy different
levels.

Specifying a Service Type for an SSH User

Follow these steps to specify the service type of an SSH user:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Specify a service type for an
SSH user

ssh user username service-type

{ stelnet |

sftp

| all }

Required

stelnet

by default

If the ssh user service-type command is executed with a username that does not exist, the system will
automatically create the SSH user. However, the user cannot log in unless you specify an
authentication type for it.

Configuring SSH Management

The SSH server provides a number of management functions that prevent illegal operations such as
malicious password guess, to further guarantee the security of SSH connections.

Follow these steps to configure SSH management:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Set SSH authentication
timeout time

ssh server timeout

seconds

Optional
By default, the timeout time is 60 seconds.

Set SSH authentication
retry times

ssh server
authentication-retries

times

Optional
By default, the number of retry times is 3.

Set RSA server key update
interval

ssh server rekey-interval
hours

Optional
By default, the system does not update RSA
server keys.

Configure SSH server to
be compatible with SSH1.x
clients

ssh server compatible-ssh1x
enable

Optional
By default, SSH server is compatible with
SSH1.x clients.

Configure a login header

header shell text

Optional
By default, no login header is configured.