Network requirements, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual
Page 183
172
[SecPath-pkey-key-code]E55B394A217DA38B65B77F0185C8DB8095522D1EF044B465E
8716261214A5A3B493E866991113B2D
[SecPath-pkey-key-code]485348
[SecPath-pkey-key-code] public-key-code end
[SecPath-pkey-public-key] peer-public-key end
# Specify the host public key for the SSH server (10.165.87.136) as key1.
[SecPath] ssh client authentication server 10.165.87.136 assign publickey key1
[SecPath] quit
# Establish an SSH connection to SSH server 10.165.87.136.
<SecPath> ssh2 10.165.87.136
Username: client001
Trying 10.165.87.136
Press CTRL+K to abort
Connected to 10.165.87.136...
Enter password:
After you enter the correct username and password, you can log in to Router successfully.
Publickey authentication enabled SSH client configuration
example
Network requirements
As shown in
, SecPath (the SSH client) must pass publickey authentication to log in to Router (the
SSH server) through the SSH protocol. Use the DSA public key algorithm.
Figure 81 Network diagram
Configuration procedure
NOTE:
During SSH server configuration, the client's host public key is required. Use the client software to
generate a DSA key pair on the client before configuring the SSH server.
1.
Configure the SSH client
# Configure an IP address for interface GigabitEthernet 0/1.
<SecPath> system-view
[SecPath] interface GigabitEthernet 0/1
[SecPath-GigabitEthernet0/1] ip address 10.165.87.137 255.255.255.0
[SecPath-GigabitEthernet0/1] quit
# Generate a DSA key pair.
[SecPath] public-key local create dsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,