Operation Manual – SSH Terminal Service
H3C S3600 Series Ethernet Switches-Release 1510

Chapter 1 SSH Terminal Service

1.1 SSH Terminal Service

1.1.1 Introduction to SSH

Secure shell (SSH) provides secure communication and powerful authentication for remote user login to a switch over an insecure network, thus preventing attacks such as IP address spoofing and plain-text password interception.

Through the above steps, the server and the client get the same session key, which is to be used to encrypt and decrypt data exchanged between the server and the client later.

Table 1-1 SSH2.0 Server configuration tasks
Operation: Configure user interface(s) to support specified protocol(s)
Command: protocol inbound
Related section: Section “Configuring user interface(s) to

Operation: Configure user interface(s) to support specified protocol(s)
Command: protocol inbound { all | ssh | telnet }
Description: Optional. By default, both Telnet and SSH are supported.

Caution: For a successful SSH login, you must first generate the RSA key pairs of the server. You need to execute the rsa local-key-pair create command only once; you need not execute it again after the system is rebooted.

Table 1-5 Configure authentication type for a user
Operation: Enter system view
Command: system-view
Description: —
Operation: Specify default
Command: ssh authentication-type default { password | rsa...

Caution: If RSA authentication type is configured for a user, the RSA public key of the client user must be configured on the switch.

Table 1-6 Configure SSH management
Operation: Enter system view
Command: system-view
Description: —
Optional ssh server timeout authentication By default, the timeout time is 60...

Operation Command Description Required When you input the key data, spaces are allowed between characters input (because system Configure the client Enter the content of the...

Table 1-8 Automatic configuration
Operation: Enter system view
Command: system-view
Description: —
Transform the format of the key in a client public filename...

Specifying the RSA private key file. On the server, if RSA authentication is enabled for an SSH user and a public key is set for the user, the private key file corresponding to the public key must be specified on the client.

Figure 1-4 Generating the client keys (2)

After the key pair is generated, click Save public key and enter a file name (public in this case) to save the public key.

Figure 1-5 Generating the client keys (3)

Likewise, to save the private key, click Save private key. A warning window pops up asking whether to save the private key without any precaution.

Figure 1-7 Generating the client keys (5)

II. Specifying the IP address of the Server

Launch PuTTY.exe. The following window appears.

Figure 1-8 SSH client configuration interface 1

In the Host Name (or IP address) text box, enter the IP address of the server. Note that there must be a route available between the IP address of the server and the client.

Figure 1-9 SSH client configuration interface 2

Under Protocol options, select 2 from Preferred SSH protocol version.

Note: Some SSH client software, for example, Tectia client software, supports the DES algorithm only when the ssh1 version is selected.

Figure 1-10 SSH client configuration interface 3

Click Browse… to bring up the file selection window, navigate to the private key file and click OK.

Figure 1-11 SSH client interface

Enter the username and password to establish an SSH connection. To log out, enter the quit command.

1.1.4 Configuring the Device as an SSH Client

When the device connects to the SSH server as an SSH client, you can configure the SSH client to authenticate the SSH server during the first access.

I. Configure the device as an SSH client that supports first authentication

Table 1-10 Configure the device as an SSH client that supports first authentication...

Operation: Quit to public key view
Command: public-key-code end
Description: — The input public keys are saved when you quit the public key edit view.

Table 1-13 Display SSH configuration
Operation Command Description Display host and server display public keys local-key-pair public display Display client RSA public peer-public-key [ brief |...

III. Configuration procedure

The configuration procedure varies with login authentication modes. However, you must complete the following three configuration tasks before any configuration procedure.

RSA public key authentication

# Set AAA authentication on the user interfaces.
[H3C] user-interface vty 0 4
[H3C-ui-vty0-4] authentication-mode scheme
# Set the user interfaces to support SSH.

1.1.7 SSH Client Configuration Example

I. Network requirements

As shown in Figure 1-13: Switch A serves as an SSH client, with a user name of client001.

The Server is not authenticated. Do you continue to access it?(Y/N):y
Do you want to save the server's public key?(Y/N):n
Enter password:
*************************************************************************
* Copyright(c) 2004-2007 Hangzhou H3C Tech. Co., Ltd. All rights reserved.*
* Without the owner's prior written consent,
* no decompiling or reverse-engineering shall be allowed.
*************************************************************************
<H3C>...

Chapter 2 SFTP Service

2.1 SFTP Service

2.1.1 Introduction to SFTP

Secure FTP (SFTP) is a new feature introduced in SSH2.0. Since SFTP is based on SSH, it can provide security for remote users who log into the switch to perform file management and transfer operations (such as system update), thus providing more security for data transfer.

II. Enabling SFTP Server

Table 2-2 Enable SFTP Server
Operation: Enter system view
Command: system-view
Description: —
Operation: Enable SFTP Server
Command: sftp server enable
Description: Required. By default, SFTP Server is disabled.

Command Operation View Description Keyword Change the current directory Return to the upper cdup directory Display the current SFTP directory directory SFTP client Optional...

Table 2-5 Start SFTP Client
Operation: Enter system view
Command: system-view
Description: —
sftp { host-ip | host-name } [ port-num ] prefer_kex dh_group1...

Operation Command Description dir [ -a | -l ] [ remote-path ] Optional Display the file list of a The dir and ls commands...

Table 2-9 Display help information about an SFTP client command
Operation: Enter system view
Command: system-view
Description: —
Operation: Enter SFTP client view
Command: sftp { host-ip | host-name }
Description: —...

III. Configuration procedure

Configure Switch B (SFTP server)

<H3C>system-view
[H3C] rsa local-key-pair create
# Create a VLAN interface on SwitchB and assign an IP address, which the SSH client uses as the destination for SSH connection.

# Configure an IP address (192.168.0.2 in this case) for the VLAN interface on SwitchA. This IP address and that of the VLAN interface on SwitchB must be in the same network segment.

sftp-client> mkdir new1
New directory created
sftp-client> dir
-rwxrwxrwx 1 noone nogroup 1759 Aug 23 06:52 config.cfg
-rwxrwxrwx 1 noone nogroup 225 Aug 24 08:01 pubkey2...

sftp-client> quit
[H3C]