Generating/destroying a rsa or dsa key pair – H3C Technologies H3C WX3000 Series Unified Switches User Manual
Page 477
46-5
Task
Remark
Assigning a Public Key to an SSH User
Required for pubilckey authentication;
unnecessary for password authentication
Specifying a Source IP Address/Interface for
the SSH Server
Optional
Configuring the Protocol Support for the User Interface
You must configure the supported protocol(s) for SSH remote login. Note that the configuration does not
take effect immediately, but will be effective for subsequent login requests.
Follow these steps to configure the protocol(s) that a user interface supports:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter the view of one or multiple
user interfaces
user-interface
[ type ] first-number
[ last-number ]
—
Configure the authentication mode
as scheme
authentication-mode
scheme
[ command-authorization ]
Required
By default, the user interface
authentication mode is password
Specify the supported protocol(s)
protocol inbound
{ all |ssh |
telnet
}
Optional
By default, both Telnet and SSH
are supported.
z
If you have configured a user interface to support SSH protocol, you must configure AAA
authentication for the user interface by using the authentication-mode scheme command to
ensure successful login.
z
On a user interface, if the authentication-mode password or authentication-mode none
command has been executed, the protocol inbound ssh command is not available. Similarly, if
the protocol inbound ssh command has been executed, the authentication-mode password
and authentication-mode none commands are not available.
Generating/Destroying a RSA or DSA Key Pair
This configuration task lets you generate or destroy a key pair. You must generate an RSA or DSA key
pair on the server for an SSH client to log in successfully. When generating a key pair, you will be
prompted to enter the key length in bits, which is between 512 and 2048. In case a key pair already
exists, the system will ask whether to replace the existing key pair.
Follow these steps to create or destroy a key pair:
To do…
Use the command…
Remarks
Enter system view
system-view
—