Netconf Over Ssh Configuration Example With Password Authentication; Network Requirements - HPE FlexNetwork 5510 HI Series Security Configuration Manual

Username: client001
Press CTRL+C to abort.
Connecting to 192.168.0.1 port 22.
src.cfg
<SwitchA>
Based on the 192-bit Suite B algorithms:

# Specify server384 as the PKI domain of the server's certificate.
[SwitchB] ssh server pki-domain server384
# Create an SSH user named client002. Specify the authentication method publickey for
the user and specify client384 as the PKI domain for verifying the client's certificate.
[Switch] ssh user client002 service-type scp authentication-type publickey assign
pki-domain client384
# Establish an SCP connection to SCP server 192.168.0.1 based on the 192-bit Suite B
algorithms.
<SwitchA> scp 192.168.0.1 get src.cfg suite-b 192-bit pki-domain client384
server-pki
-domain server384
Username: client002
Press CTRL+C to abort.
Connecting to 192.168.0.1 port 22.
src.cfg
<SwitchA>
NETCONF over SSH configuration example with
password authentication
The switch in the configuration example is in non-FIPS mode.
When you configure NETCONF-over-SSH on a device that operates in FIPS mode, follow these
restrictions and guidelines:
•
The modulus length of RSA key pairs must be 2048 bits.
•
When the device acts as the NETCONF-over-SSH server, it supports only ECDSA and RSA key
pairs. If both ECDSA and RSA key pairs exist on the server, the server uses the ECDSA key
pair.

Network requirements

As shown in
•
The switch uses local password authentication.
•
The client's username and password are saved on the switch.
Establish a NETCONF-over-SSH connection between the host and the switch, so that you can log in
to the switch from the host to perform NETCONF operations.
Figure 113:
100% 4814
100% 4814
390
4.7KB/s 00:00
4.7KB/s 00:00