H3C Technologies H3C SecPath F1000-E User Manual

173

It will take a few minutes.

Press CTRL+C to abort.

Input the bits of the modulus[default = 1024]:

Generating Keys...

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

+++++++++++++++++++++++++++++++++++

# Export the DSA public key to file key.pub.

[SecPath] public-key local export dsa ssh2 key.pub

[SecPath] quit

Then, you need to transmit the public key file to the server through FTP or TFTP.

2.

Configure the SSH server
# Generate the RSA key pairs.

<Router> system-view

[Router] public-key local create rsa

The range of public key size is (512 ~ 2048).

NOTES: If the key modulus is greater than 512,

It will take a few minutes.

Press CTRL+C to abort.

Input the bits of the modulus[default = 1024]:

Generating Keys...

++++++++

++++++++++++++

+++++

++++++++

# Generate a DSA key pair.

[Router] public-key local create dsa

The range of public key size is (512 ~ 2048).

NOTES: If the key modulus is greater than 512,

It will take a few minutes.

Press CTRL+C to abort.

Input the bits of the modulus[default = 1024]:

Generating Keys...

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

+++++++++++++++++++++++++++++++++++

# Enable SSH server.

[Router] ssh server enable

# Configure an IP address for interface GigabitEthernet 0/1, which the SSH client will use as the

destination for SSH connection.

[Router] interface GigabitEthernet 0/1

[Router-GigabitEthernet0/1] ip address 10.165.87.136 255.255.255.0

[Router-GigabitEthernet0/1] quit

# Set the authentication mode for the user interfaces to AAA.

[Router] user-interface vty 0 4

[Router-ui-vty0-4] authentication-mode scheme

# Enable the user interfaces to support SSH.

[Router-ui-vty0-4] protocol inbound ssh