Establishing A Connection Between The Ssh Client And Server - HP 5500 HI Series Configuration Manual
Security
Hide thumbs
Also See for 5500 HI Series:
- Installation manual (72 pages) ,
- Compliance and safety manual (62 pages) ,
- Quickspecs (35 pages)
Table of Contents
Advertisement
To disable first-time authentication:
Step
1.
Enter system view.
2.
Disable first-time
authentication support.
3.
Configure the server host
public key.
4.
Specify the host public key
name of the server.
Establishing a connection between the SSH client and server
Task
Establish a
connection
between the SSH
client and the
server, and specify
the public key
algorithm,
preferred
encryption
algorithm,
preferred HMAC
algorithm and
preferred key
exchange
algorithm.
Command
system-view
undo ssh client first-time
See
"Configuring a client public
key"
ssh client authentication server
server assign publickey keyname
Command
•
For an IPv4 server:
In non-FIPS mode:
ssh2 server [ port-number ] [ vpn-instance
vpn-instance-name ] [ identity-key { dsa | rsa } |
prefer-ctos-cipher { 3des | aes128 | des } |
prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 } |
prefer-kex { dh-group-exchange | dh-group1 |
dh-group14 } | prefer-stoc-cipher { 3des | aes128 | des } |
prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 } ] *
In FIPS mode:
ssh2 server [ port-number ] [ vpn-instance
vpn-instance-name ] [ identity-key rsa | prefer-ctos-cipher
{ aes128 | aes256 } | prefer-ctos-hmac { sha1 | sha1-96 }
| prefer-kex dh-group14 | prefer-stoc-cipher { aes128 |
aes256 } | prefer-stoc-hmac { sha1 | sha1-96 } ] *
•
For an IPv6 server:
In non-FIPS mode:
ssh2 ipv6 server [ port-number ] [ vpn-instance
vpn-instance-name ] [ identity-key { dsa | rsa } |
prefer-ctos-cipher { 3des | aes128 | des } |
prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 } |
prefer-kex { dh-group-exchange | dh-group1 |
dh-group14 } | prefer-stoc-cipher { 3des | aes128 | des } |
prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 } ] *
In FIPS mode:
ssh2 ipv6 server [ port-number ] [ vpn-instance
vpn-instance-name ] [ identity-key rsa | prefer-ctos-cipher
{ aes128 | aes256 } | prefer-ctos-hmac { sha1 | sha1-96 }
| prefer-kex dh-group14 | prefer-stoc-cipher { aes128 |
aes256 } | prefer-stoc-hmac { sha1 | sha1-96 } ] *
311
Remarks
N/A
By default, first-time authentication
is supported on a client.
The method for configuring the
server host public key on the client
is similar to that for configuring
client public key on the server.
N/A
Remarks
Use one of the
commands in user
view.
- Quick Links:
- Configuration Guide
- Configuring Aaa
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
