beautypg.com

Enabling and disabling first-time authentication, Enabling first-time authentication, Disabling first-time authentication – H3C Technologies H3C SecBlade LB Cards User Manual

Page 176

background image

165

Step Command

Remarks

2.

Specify a source IP address
or source interface for the

Stelnet client.

Specify a source IPv4 address or source

interface for the Stelnet client:

ssh client source { interface interface-type
interface-number | ip ip-address }

Specify a source IPv6 address or source

interface for the Stelnet client:
ssh client ipv6 source { interface

interface-type interface-number | ipv6

ipv6-address }

Use either command.

Enabling and disabling first-time authentication

When the device works as an SSH client and connects to the SSH server, you can configure whether the

device supports first-time authentication.
When a client not configured with the server host public key access the server for the first time:

If first-time authentication is disabled, the client refuses to access the server. To enable the client to
access the server, you must configure the server host public key locally and specify the public key

name for authentication on the client in advance.

If first-time authentication is enabled, the client accesses the server, and saves the host public key on
the client. When accessing the server again, the client uses the saved server host public key to

authenticate the server.

In a secure network, first-time authentication simplifies client configuration, but also brings some potential

security risks.

Enabling first-time authentication

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable first-time
authentication.

ssh client first-time enable

Optional.
Enabled by default.

Disabling first-time authentication

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Disable first-time

authentication.

undo ssh client first-time

Enabled by default.

3.

Configure the server host
public key.

See "

Configuring a client's host

public key

"

The method for configuring the
server host public key on the client
is similar to that for configuring

client public key on the server.

4.

Specify the host public key

name of the server.

ssh client authentication server
server assign publickey keyname

N/A

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: