beautypg.com

Enabling and disabling first-time authentication, Enabling first-time authentication, Disabling first-time authentication – H3C Technologies H3C SecPath F1000-E User Manual

Page 170

background image

159

Specifying a source IP address/interface for the SSH client

This configuration task allows you to specify a source IP address or interface for the client to access the

SSH server, improving service manageability.

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Specify a source IP
address or interface for

the SSH client.

Specify a source IPv4 address or interface
for the SSH client:

ssh client source { ip ip-address | interface

interface-type interface-number }

Specify a source IPv6 address or interface

for the SSH client:

ssh client ipv6 source { ipv6 ipv6-address |
interface interface-type interface-number }

By default, an SSH client uses
the IP address of the outbound

interface defined by the route
to the SSH server to access the

SSH server.

Enabling and disabling first-time authentication

When the device connects to the SSH server as an SSH client, you can configure whether the device

supports first-time authentication.

With first-time authentication, when an SSH client not configured with the server host public key
accesses the server for the first time, the user can continue accessing the server, and save the host

public key on the client. When accessing the server again, the client will use the saved server host

public key to authenticate the server.

Without first-time authentication, a client not configured with the server host public key will refuse to
access the server. To enable the client to access the server, you must configure the server host public

key and specify the public key name for authentication on the client in advance.

Enabling first-time authentication

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable the device to support

first-time authentication.

ssh client first-time enable

Optional.
By default, first-time authentication
is supported on a client.

Disabling first-time authentication

For successful authentication of an SSH client not supporting first-time authentication, the server host

public key must be configured on the client and the public key name must be specified.
To disable first-time authentication:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Disable first-time
authentication support.

undo ssh client first-time

By default, first-time authentication
is supported on a client.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: