H3C Technologies H3C SecPath F1000-E User Manual
Page 171
160
Step Command
Remarks
3.
Configure the server host
public key.
See "
The method for configuring the
server host public key on the client
is similar to that for configuring
client's host public key on the
server.
4.
Specify the host public key
name of the server.
ssh client authentication server
server assign publickey keyname
N/A
Establishing a connection between an SSH client and the server
To establish a connection between an SSH client and the IPv4 server:
Task Command
Remarks
Establish a connection
between the SSH client and
the IPv4 server, and specify
algorithms involved during
the connection.
•
In non-FIPS mode:
ssh2 server [ port-number ] [ identity-key
{ dsa | rsa } | prefer-ctos-cipher { 3des |
aes128 |aes256 | des } | prefer-ctos-hmac
{ md5 | md5-96 | sha1 | sha1-96 } |
prefer-kex { dh-group-exchange |
dh-group1 | dh-group14 } |
prefer-stoc-cipher { 3des | aes128 | aes256
| des } | prefer-stoc-hmac { md5 | md5-96 |
sha1 | sha1-96 } ] *
•
In FIPS mode:
ssh2 server [ port-number ] [ vpn-instance
vpn-instance-name ] [ identity-key rsa |
prefer-ctos-cipher { aes128 | aes256 } |
prefer-ctos-hmac { sha1 | sha1-96 } |
prefer-kex dh-group14 | prefer-stoc-cipher
{ aes128 | aes256 } | prefer-stoc-hmac
{ sha1 | sha1-96 } ] *
Use either command in
user view.
To establish a connection between an SSH client and the IPv6 server:
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS