H3C Technologies H3C WX3000 Series Unified Switches User Manual
Page 504
46-32
# Assign the public key Switch001 to user client001.
[device] ssh user client001 assign rsa-key Switch001
z
Configure Switch A
# Create a VLAN interface on the device and assign an IP address, which serves as the SSH client’s
address in an SSH connection.
<device> system-view
[device] interface vlan-interface 1
[device-Vlan-interface1] ip address 10.165.87.137 255.255.255.0
[device-Vlan-interface1] quit
# Generate a DSA key pair
[device] public-key local create dsa
# Export the generated DSA key pair to a file named Switch001.
[device] public-key local export dsa ssh2 Switch001
After the key pair is generated, you need to upload the pubic key file to the server through FTP or TFTP
and complete the server end configuration before you continue to configure the client.
# Establish an SSH connection to the server 10.165.87.136.
[device] ssh2 10.165.87.136 identity-key dsa
Username: client001
Trying 10.165.87.136 ...
Press CTRL+K to abort
Connected to 10.165.87.136 ...
The Server is not authenticated. Do you continue to access it?(Y/N):y
Do you want to save the server's public key?(Y/N):n
**************************************************************************
* Copyright(c) 2004-2007 Hangzhou H3C Tech. Co., Ltd. All rights reserved. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
**************************************************************************
<device>
When the Device Acts as an SSH Client and First-time authentication is not
Supported
Network requirements
As shown in
, establish an SSH connection between Switch A (SSH Client) and Switch B
(SSH Server) for secure data exchange. The user name is client001 and the SSH server’s IP address is
10.165.87.136. The publickey authentication mode is used to enhance security.