Table of Contents
Advertisement
Operation Manual – SSH2.0
Quidway S3100 Series Ethernet Switches
Caution:
When SSH protocol is specified, to ensure a successful login, you must configure
the AAA authentication using the authentication-mode scheme command.
The
authentication-mode password and authentication-mode none. When you
configure SSH protocol successfully for the user interface, then you cannot
configure authentication-mode password and authentication-mode none any more.
II. Generating or destroying RSA key pairs
The name of the server RSA key pair is in the format of switch name plus _host,
Quidway_host for example.
After you use the command, the system prompts you to define the key length.
In SSH1.x, the key length is in the range of 512 to 2,048 (bits).
In SSH2.0, the key length is in the range of 1024 to 2048 (bits). To make SSH 1.x
compatible, 512- to 2,048-bit keys are allowed on clients, but the length of server
keys must be more than 1,024 bits. Otherwise, clients cannot be authenticated.
Table 1-3 Generate or destroy RSA key pairs
Enter system view
Generate a local RSA key pair
Destroy a local RSA key pair
Caution:
For a successful SSH login, you must generate a local RSA key pair first.
You just need to execute the command once, with no further action required even
after the system is rebooted.
If you use this command to generate an RSA key provided an old one exits, the
system will prompt you to replace the previous one or not.
III. Configuring authentication type
New users must specify authentication type. Otherwise, they cannot access the switch.
protocol
inbound
Operation
Huawei Technologies Proprietary
Chapter 1 SSH Terminal Services
ssh
configuration
Command
system-view
rsa
local-key-pair
create
rsa
local-key-pair
destroy
1-5
fails
if
you
configured
Remarks
—
Required
Required
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
