beautypg.com

Disable first-time authentication – H3C Technologies H3C SecPath F1000-E User Manual

Page 66

background image

10

To do…

Use the command…

Remarks

Specify a
source IPv4

address or

interface for the

SSH client

ssh client source { ip ip-address | interface

interface-type interface-number }

Specify a
source IP

address or

interface for the

SSH client

Specify a
source IPv6

address or

interface for the
SSH client

ssh client ipv6 source { ipv6 ipv6-address |
interface interface-type interface-number }

Required
By default, an SSH
client uses the IP

address of the

interface specified

by the route of the
device to access the

SSH server.

Configuring Whether First-time Authentication is Supported

When the device connects to the SSH server as an SSH client, you can configure whether the device

supports first-time authentication.

With first-time authentication, when an SSH client not configured with the server host public key
accesses the server for the first time, the user can continue accessing the server, and save the host

public key on the client. When accessing the server again, the client will use the saved server host

public key to authenticate the server.

Without first-time authentication, a client not configured with the server host public key will deny to
access the server. To access the server, a user must configure in advance the server host public key

locally and specify the public key name for authentication.

Enable the device to support first-time authentication

Follow these steps to enable the device to support first-time authentication:

To do...

Use the command…

Remarks

Enter system view

system-view

Enable the device to support
first-time authentication

ssh client first-time enable

Optional
By default, first-time authentication
is supported on a client.

Disable first-time authentication

For successful authentication of an SSH client not supporting first-time authentication, the server host

public key must be configured on the client and the public key name must be specified.
Follow these steps to disable first-time authentication:

To do...

Use the command…

Remarks

Enter system view

system-view

Disable first-time authentication
support

undo ssh client first-time

Required
By default, first-time authentication
is supported on a client.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: