Configuring The Ssh Server On The Device - HP 830 Series Configuration Manual

Poe+ unified wired-wlan switch

Hide thumbs Also See for 830 Series:

Configuration manual (530 pages)

Command reference manual (136 pages)

Installation manual (58 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

Table of Contents

Configuring the SSH server on the device

When scheme authentication is used, you can choose to configure the command authorization and

command accounting functions.

If command authorization is enabled, a command is available only if the user has the commensurate user

privilege level and is authorized by the AAA scheme to use the command.

Command accounting allows the HWTACACS server to record all commands executed by users,

regardless of command execution results. This function helps control and monitor user behaviors on the

device. If command accounting is enabled and command authorization is not enabled, every executed

command is recorded on the HWTACACS server. If both command accounting and command

authorization are enabled, only the authorized and executed commands are recorded on the

HWTACACS server.

Follow these guidelines when you configure the SSH server:

•

To make the command authorization or command accounting function take effect, apply an

HWTACACS scheme to the intended ISP domain. This scheme must specify the IP address of the

authorization server and other authorization parameters.

If the local authentication scheme is used, use the authorization-attribute level level command in

•

local user view to set the user privilege level on the device.

If a RADIUS or HWTACACS authentication scheme is used, set the user privilege level on the

•

RADIUS or HWTACACS server.

The SSH client authentication method is password in this configuration procedure. For more information

about SSH and publickey authentication, see Security Configuration Guide.

To configure the SSH server on the device:

Step

Enter system view.

Create local key pairs.

Enable SSH server.

Enter one or multiple VTY user

interface views.

Enable scheme

authentication.

Enable the user interfaces to

support Telnet, SSH, or both.

Enable command

authorization.

Command

system-view

public-key local create { ecdsa |

rsa }

ssh server enable

user-interface vty first-number

[ last-number ]

authentication-mode scheme

protocol inbound { all | ssh |

telnet }

command authorization

Remarks

N/A

By default, no local key pairs are

created.

By default, SSH server is disabled.

N/A

By default, password

authentication is enabled on VTY

user interfaces.

Optional.

By default, both Telnet and SSH

are supported.

Optional.

By default, command authorization

is disabled. The commands

available for a user only depend

on the user privilege level.

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

10500 7500

Configuring The Ssh Server On The Device - HP 830 Series Configuration Manual

Configuring the SSH server on the device

Hide quick links:

Related Manuals for HP 830 Series

Related Content for HP 830 Series

This manual is also suitable for:

Table of Contents