Disable first-time authentication – H3C Technologies H3C S5120 Series Switches User Manual
Page 488
1-10
Specifying a Source IP address/Interface for the SSH Client
This configuration task allows you to specify a source IP address or interface for the client to access the
SSH server, improving service manageability.
To do…
Use the command…
Remarks
Enter system view
system-view
—
Specify a source IP
address or interface for
the SSH client
ssh client source { ip ip-address |
interface interface-type
interface-number }
Required
By default, the address of the
interface decided by the
routing is used to access the
SSH server
Configuring Whether First-time Authentication is Supported
When the device connects to the SSH server as an SSH client, you can configure whether the device
supports first-time authentication.
z
With first-time authentication, when an SSH client not configured with the server host public key
accesses the server for the first time, the user can continue accessing the server, and save the
host public key on the client. When accessing the server again, the client will use the saved server
host public key to authenticate the server.
z
Without first-time authentication, a client not configured with the server host public key will deny to
access the server. To access the server, a user must configure in advance the server host public
key locally and specify the public key name for authentication.
Enable the device to support first-time authentication
Follow these steps to enable the device to support first-time authentication:
To do...
Use the command…
Remarks
Enter system view
system-view
—
Enable the device to support
first-time authentication
ssh client first-time enable
Optional
By default, first-time
authentication is supported on
a client.
Disable first-time authentication
For successful authentication of an SSH client not supporting first-time authentication, the server host
public key must be configured on the client and the public key name must be specified.
Follow these steps to disable first-time authentication:
To do...
Use the command…
Remarks
Enter system view
system-view
—
Disable first-time authentication
support
undo ssh client first-time
Required
By default, first-time
authentication is supported on
a client.