Disable first-time authentication, Displaying and maintaining ssh – H3C Technologies H3C WX6000 Series Access Controllers User Manual
Page 617
64-12
Disable first-time authentication
For successful authentication of an SSH client not supporting first-time authentication, the server host
public key must be configured on the client and the public key name must be specified.
Follow these steps to disable first-time authentication:
To do...
Use the command…
Remarks
Enter system view
system-view
—
Disable first-time
authentication support
undo ssh client first-time
Optional
By default, first-time authentication
is supported on a client.
Configure the server public key
Refer to
Key
Required
The method of configuring server
public key on the client is similar to
that of configuring client public key
on the server.
Specify the host public key
name of the server
ssh client
authentication server
server
assign publickey keyname
Required
Establishing a Connection Between the SSH Client and the Server
Follow these steps to establish the connection between the SSH client and the server:
To do...
Use the command…
Remarks
Establish a connection
between the SSH client and
the IPv4 server, and specify
the preferred key exchange
algorithm, encryption
algorithms, and HMAC
algorithms for them
ssh2
server [ port-number ] [ identity-key
{ dsa | rsa } | prefer-ctos-cipher { aes128
| des } | prefer-ctos-hmac { md5 |
md5-96
| sha1 | sha1-96 } | prefer-kex
{ dh-group-exchange | dh-group1 |
dh-group14
} | prefer-stoc-cipher
{ aes128 | des } | prefer-stoc-hmac
{ md5 | md5-96 | sha1 | sha1-96 } ] *
Establish a
connection
between the
SSH client and
the server, and
specify the
preferred key
exchange
algorithm,
encryption
algorithms, and
HMAC
algorithms for
them
Establish a connection
between the SSH client and
the IPv6 server, and specify
the preferred key exchange
algorithm, encryption
algorithms, and HMAC
algorithms for them
ssh2
ipv6 server [ port-number ]
[ identity-key { dsa | rsa } |
prefer-ctos-cipher
{ aes128 | des } |
prefer-ctos-hmac
{ md5 | md5-96 | sha1
| sha1-96 } | prefer-kex
{ dh-group-exchange | dh-group1 |
dh-group14
} | prefer-stoc-cipher
{ aes128 | des } | prefer-stoc-hmac
{ md5 | md5-96 | sha1 | sha1-96 } ] *
Required
Use either
command in
user view.
Displaying and Maintaining SSH
To do…
Use the command…
Remarks
Display information about the public keys of
the local key pair
display public-key local
{ dsa |
rsa
} public
Available in any view
Display information about the public keys
display public-key peer
[ brief |
name publickey-name
]
Available in any view
Display the source IP address or interface
currently set for the SFTP client
display sftp client source
Available in any view