H3C Technologies H3C WX3000 Series Unified Switches User Manual

46-24

<device> system-view

[device] interface vlan-interface 1

[device-Vlan-interface1] ip address 192.168.0.1 255.255.255.0

[device-Vlan-interface1] quit

# Generate RSA and DSA key pairs.

[device] public-key local create rsa

[device] public-key local create dsa

# Set the authentication mode for the user interfaces to AAA.

[device] user-interface vty 0 4

[device-ui-vty0-4] authentication-mode scheme

# Enable the user interfaces to support SSH.

[device-ui-vty0-4] protocol inbound ssh

# Set the client’s command privilege level to 3

[device-ui-vty0-4] user privilege level 3

[device-ui-vty0-4] quit

# Configure the authentication type of the SSH client named client 001 as publickey.

[device] ssh user client001 authentication-type publickey

Before performing the following steps, you must generate an RSA public key pair (using the client
software) on the client, save the key pair in a file named public, and then upload the file to the SSH
server through FTP or TFTP. For details, refer to Configuring the SSH Client.

# Import the client’s public key named “Switch001” from file “public”.

[device] public-key peer Switch001 import sshkey public

# Assign the public key “Switch001” to client “client001”.

[device] ssh user client001 assign rsa-key Switch001

z

Configure the SSH client

# Generate an RSA key pair, taking PuTTYGen as an example.

Run PuTTYGen.exe, choose SSH2(RSA) and click Generate.