Generating/destroying key pairs – H3C Technologies H3C S3100 Series Switches User Manual
Page 720
1-7
z
You can configure a login header only when the service type is stelnet. For configuration of service
types, refer to
Specifying a Service Type for an SSH User
z
For details of the header command, refer to the corresponding section in Login Command.
z
Currently, only the S3100-EI series support the ssh server rekey-interval command.
Configuring the SSH Server to Be Compatible with SSH1 Clients
Follow these steps to configure the SSH server to be compatible with SSH1 clients:
To do...
Use the command...
Remarks
Enter system view
system-view
—
Configure the SSH server to be
compatible with SSH1 clients
ssh server
compatible-ssh1x
enable
Optional
By default, the SSH server is
compatible with SSH1 clients.
Currently, only the S3100-EI series support the ssh server compatible-ssh1x enable command.
Generating/Destroying Key Pairs
This configuration task lets you generate or destroy a key pair. You must generate an RSA and DSA key
pair on the server for an SSH client to log in successfully. When generating a key pair, you will be
prompted to enter the key length in bits, which is between 512 and 2048. The default length is 1024. In
case a key pair already exists, the system will ask whether to replace the existing key pair.
Table 1-5 Follow these steps to create or destroy key pairs:
To do...
Use the command...
Remarks
Enter system view
system-view
—
Generate an RSA key pair
public-key local create rsa
Required
By default, no RSA key pair is
created.
Destroy the RSA key pair
public-key local destroy rsa
Optional
Use the command to destroy
the generated RSA key pair.
Generate a DSA key pair
public-key local create dsa
Required
By default, no DSA key pair is
created.