Setting the ssh management parameters, Configuring the device as an ssh client, Ssh client configuration task list – H3C Technologies H3C S5120 Series Switches User Manual

1-9

Setting the SSH Management Parameters

SSH management includes:

z

Enabling the SSH server to be compatible with SSH1 client

z

Setting the server key pair update interval, applicable to users using SSH1 client

z

Setting the SSH user authentication timeout period

z

Setting the maximum number of SSH authentication attempts

Setting the above parameters can help avoid malicious guess at and cracking of the keys and

usernames, securing your SSH connections.

Follow these steps to set the SSH management parameters:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enable the SSH server to
support SSH1 clients

ssh server compatible-ssh1x
enable

Optional

By default, the SSH server
supports SSH1 clients.

Set the RSA server key pair
update interval

ssh server rekey-interval
hours

Optional

0 by default, that is, the RSA
server key pair is not updated.

Set the SSH user
authentication timeout period

ssh server
authentication-timeout
time-out-value

Optional

60 seconds by default

Set the maximum number of
SSH authentication attempts

ssh server
authentication-retries times

Optional

3 by default

Authentication will fail if the number of authentication attempts (including both publickey and password

authentication) exceeds that specified in the ssh server authentication-retries command.

Configuring the Device as an SSH Client

SSH Client Configuration Task List

Complete the following tasks to configure an SSH client:

Task

Remarks

Specifying a Source IP address/Interface for the SSH Client

Optional

Configuring Whether First-time Authentication is Supported

Optional

Establishing a Connection Between the SSH Client and the Server

Required