When Switch Acts As Client For Publickey Authentication - HP 5120 SI Series Security Configuration Manual

[SwitchA-pkey-key-code]E55B394A217DA38B65B77F0185C8DB8095522D1EF044B465E
8716261214A5A3B493E866991113B2D
[SwitchA-pkey-key-code]485348
[SwitchA-pkey-key-code] public-key-code end
[SwitchA-pkey-public-key] peer-public-key end
# Specify the host public key for the SSH server—10.165.87.136—as key1.
[SwitchA] ssh client authentication server 10.165.87.136 assign publickey key1
[SwitchA] quit
# Establish an SSH connection to server 10.165.87.136.
<SwitchA> ssh2 10.165.87.136
Username: client001
Trying 10.165.87.136
Press CTRL+K to abort
Connected to 10.165.87.136...
Enter password:
After you enter the correct password, the client logs in to Switch B successfully.

When switch acts as client for publickey authentication

Network requirements
As shown in
B (the SSH server) through the SSH protocol. Use the DSA public key algorithm.
Figure 90 Switch acts as client for publickey authentication
SSH server
Vlan-int1
10.165.87.136/24
Switch B
Configuration procedure
NOTE:
During SSH server configuration, the client public key is required. Use the client software to generate a
DSA key pair on the client before configuring the SSH server.
1. Configure the SSH client
# Create VLAN-interface 1 and assign an IP address to it.
<SwitchA> system-view
[SwitchA] interface vlan-interface 1
[SwitchA-Vlan-interface1] ip address 10.165.87.137 255.255.255.0
[SwitchA-Vlan-interface1] quit
# Generate a DSA key pair.
[SwitchA] public-key local create dsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Figure 95, Switch A (the SSH client) must pass publickey authentication to log in to Switch
Vlan-int1
10.165.87.137/24
SSH client
Switch A
263