H3C S3600 Series Operation Manual page 10

Operation Manual – SSH Terminal Service
H3C S3600 Series Ethernet Switches-Release 1510
Table 1-6 Configure SSH management
Operation
Enter system view
Set
authentication
timeout time
Set
authentication retry
times
Set
update interval
Configure
server
compatible
SSH1.x clients
VI. Configuring a client public key for a user
On the switch, you can configure a client public key (generated randomly on a client) for
a client user. This configuration is not required for password authentication type.
There are two methods to configure a client public key for a user.
1) Manual configuration
First, perform the following operations on a client:
Use the SSH1.5/2.0 client software to randomly generate a RSA key pair.
Use the SSHKEY.exe program to transform the public key in the RSA key pair to
PKCS (public-key cryptography standards) format.
Then, perform the following operations on the server:
Table 1-7 Configure client public key for a user
Operation
Enter system view
Enter public key view
Enter public key edit
view to input a client
public key
Command
system-view
SSH
ssh server timeout
seconds
SSH ssh
authentication-retri
es times
server key ssh
rekey-interval hours
SSH
ssh
to be
compatible-ssh1x
with
enable
system-view
rsa
keyname
public-key-code begin
—
Optional
By default, the timeout time is 60
seconds.
Optional
server
By default, the number of retry times
is 3.
Optional
server
By default, the system does not
update server keys.
Optional
server
By
compatible with SSH1.x clients.
Command
—
peer-public-key
Required
—
1-9
Chapter 1 SSH Terminal Service
Description
default, SSH server
Description
is