Establishing A Connection To An Stelnet Server - HPE FlexFabric 7900 Series Security Configuration Manual
Hide thumbs
Also See for FlexFabric 7900 Series:
- Layer 3 ip routing command reference (414 pages) ,
- Security configuration manual (323 pages) ,
- Security command reference (320 pages)
Table of Contents
Advertisement
•
Improving the manageability of Stelnet clients in authentication service.
To specify the source IP address for SSH packets:
Step
1.
Enter system view.
2.
Specify the source
address for SSH packets.
Establishing a connection to an Stelnet server
When you try to access an Stelnet server, the device must use the server's host public key to
authenticate the server. If the server's host public key is not configured on the device, the device will
notify you to confirm whether to continue with the access.
•
If you choose to continue, the device accesses the server and downloads the server's host
public key.
•
If you choose to not continue, the connection cannot be established.
As a best practice, configure the server's host public key on the device in an insecure network.
To establish a connection to an Stelnet server:
Task
Establish a
connection to an
Stelnet server.
Command
system-view
ssh client source { interface
interface-type interface-number | ip
ip-address }
Command
•
In non-FIPS mode:
ssh2 server [ port-number ] [ vpn-instance
vpn-instance-name ] [ identity-key { dsa | rsa } |
prefer-compress zlib | prefer-ctos-cipher
{ 3des | aes128 | aes256 | des } |
prefer-ctos-hmac { md5 | md5-96 | sha1 |
sha1-96 } | prefer-kex { dh-group-exchange |
dh-group1 | dh-group14 } | prefer-stoc-cipher
{ 3des | aes128 | aes256 | des } |
prefer-stoc-hmac { md5 | md5-96 | sha1 |
sha1-96 } ] * [ dscp dscp-value | escape
character | publickey keyname | source
{ interface interface-type interface-number | ip
ip-address } ] *
•
In FIPS mode:
ssh2 server [ port-number ] [ vpn-instance
vpn-instance-name ] [ identity-key rsa |
prefer-compress zlib | prefer-ctos-cipher
{ aes128 | aes256 } | prefer-ctos-hmac { sha1 |
sha1-96 } | prefer-kex dh-group14 |
prefer-stoc-cipher { aes128 | aes256 } |
prefer-stoc-hmac { sha1 | sha1-96 } ] * [ escape
character | publickey keyname | source
{ interface interface-type interface-number | ip
ip-address } ] *
152
Remarks
N/A
By default, the source IP
address for SSH packets is not
configured. The SSH packets
use the primary IP address of
the output interface specified
in the routing entry as their
source address.
Remarks
Available in user view.
Advertisement
Table of Contents
Troubleshooting
