H3C S3100-52P Operation Manual
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Network Router
  5. S3100-52P
  6. Operation manual
H3C S3100-52P Operation Manual

H3C S3100-52P Operation Manual

Ssh terminal service
Hide thumbs Also See for S3100-52P:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Command Manual, Operating Manual
Operation Manual - SSH Terminal Service
H3C S3100-52P Ethernet Switch
Chapter 1 SSH Terminal Service.................................................................................................. 1-1
1.1 SSH Terminal Service ....................................................................................................... 1-1
1.1.1 Introduction to SSH ................................................................................................. 1-1
1.1.2 SSH Server Configuration....................................................................................... 1-3
1.1.3 SSH Client Configuration ...................................................................................... 1-10
1.1.4 Configuring the Device as an SSH Client ............................................................. 1-17
1.1.5 Displaying SSH Configuration............................................................................... 1-19
1.1.6 SSH Server Configuration Example...................................................................... 1-19
1.2 SFTP Service................................................................................................................... 1-23
1.2.1 Introduction to SFTP ............................................................................................. 1-23
1.2.2 SFTP Server Configuration ................................................................................... 1-23
1.2.3 SFTP Client Configuration on the Switch.............................................................. 1-24
1.2.4 SFTP Configuration Example................................................................................ 1-28

Table of Contents

i
Table of Contents

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the S3100-52P and is the answer not in the manual?

Questions and answers

Related Manuals for H3C S3100-52P

Summary of Contents for H3C S3100-52P

  • Page 1: Table Of Contents

    Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Table of Contents Table of Contents Chapter 1 SSH Terminal Service....................1-1 1.1 SSH Terminal Service ....................... 1-1 1.1.1 Introduction to SSH ....................1-1 1.1.2 SSH Server Configuration..................1-3 1.1.3 SSH Client Configuration ..................1-10 1.1.4 Configuring the Device as an SSH Client .............

  • Page 2: Chapter 1 Ssh Terminal Service

    IP address spoofing, plain-text password interception. Currently, the S3100-52P Ethernet Switches support SSH2.0. Acting as an SSH server, a switch allows for the connections of multiple SSH clients. Through SSH Client, a user can establish a connection to a switch or UNIX host running SSH Server.
  • Page 3 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation Workstation...

  • Page 4: Ssh Server Configuration

    Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service The server starts to authenticate the user. If the user is configured as having no authentication on the server, the following step is skipped and the session request stage starts directly.
  • Page 5 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Table 1-1 SSH2.0 Server configuration tasks Operation Command Related section Section “Configuring Configure user interface(s) to user interface(s) to protocol inbound support specified protocol(s) support specified protocol(s)"...
  • Page 6 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Caution: If you have configured a user interface to support SSH protocol, to ensure a successful login to the user interface, you must configure AAA authentication for the user interface by using the authentication-mode scheme command.
  • Page 7 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Note: After the rsa local-key-pair create command is executed, you can execute the display rsa local-key-pair public command to display information about the public key (in H3C_host, for example).
  • Page 8 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Caution: If RSA authentication type is configured for a user, the RSA public key of the client user must be configured on the switch. By default, no authentication type is specified for a new user, and the new user cannot access the switch.
  • Page 9 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service V. Configuring a client public key for a user On the switch, you can configure a client public key (generated randomly on a client) for a client user.
  • Page 10 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Note: The above method requires you to transform the format of the public key on the client, and then manually configure the transformed public key on the server. So, the method is relatively more complex.

  • Page 11: Ssh Client Configuration

    Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service 1.1.3 SSH Client Configuration A variety of SSH client software are available, such as PuTTY and FreeBSD. For an SSH client to establish a connection with an SSH server, you must complete these...
  • Page 12 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service While generating the key pair, you must move the mouse continuously. The mouse should be restricted off the green process bar in the blue box of Figure 1-4. Otherwise, the process bar does not move and the key pair cannot be generated.
  • Page 13 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Figure 1-5 Generating the client key (3) Likewise, to save a private key, click “Save private key” and a warning window pops up to prompt you whether to save a private key without any precautions. Click “Yes” and enter a name (private for here) to save the private key.
  • Page 14 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Figure 1-7 Generating the client key (5) II. Specifying the IP address of the server Launch PuTTY.exe and the following window appears. 1-13...
  • Page 15 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Figure 1-8 SSH client interface 1 In the [Host Name (or IP address)] text box, enter the IP address of the server, for example, 10.110.28.10. Note that the IP address can be the IP address of any interface on the server that has SSH in the state of up and a route to the client.
  • Page 16 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Figure 1-9 SSH client interface 2 In the [Protocol options] field, select [2] from the [Preferred SSH protocol version] section. V. Open an SSH Connection with RSA If the client needs to use RSA authentication, you must specify the RSA private key file.
  • Page 17 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Figure 1-10 SSH client interface 3 Click <Browse…> to bring up the file selection window, navigate to the private key file and click <OK>. VI. Open an SSH Connection with Password Click <Open>.

  • Page 18: Configuring The Device As An Ssh Client

    Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Figure 1-11 SSH client interface Enter the username and password to create an SSH connection. To log out, enter the quit command. 1.1.4 Configuring the Device as an SSH Client The following table describes SSH Client configuration tasks.
  • Page 19 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Operation Command Description Optional This command is used to configure the public key of Assign a public key ssh client server-ip assign a server on the client, so...

  • Page 20: Displaying Ssh Configuration

    Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service 1.1.5 Displaying SSH Configuration After the above configuration, you can execute the display command in any view to display the configuration information and running status of SSH, so as to verify your configuration.
  • Page 21 [H3C-ui-vty0-4] protocol inbound ssh # Set login protocol to SSH, authentication type to password, and authentication password to "abc" for user clinet001. [H3C] local-user client001 [H3C-luser-client001] password simple abc [H3C-luser-client001] service-type ssh [H3C-luser-client001] quit [H3C] ssh user client001 authentication-type password 1-20...

  • Page 22: Configuring The Device As An Ssh Client Configuration Example

    [H3C-rsa-key-code] BB2FC1ACF3EC8F828D55A36F1CDDC4BB45504F020125 [H3C-rsa-key-code] public-key-code end [H3C-rsa-public-key] peer-public-key end [H3C] ssh user client002 assign rsa-key H3C002 # Make corresponding configuration on the host keeping the RSA private key and start the SSH client software to establish an SSH connection. 1.1.7 Configuring the Device as an SSH Client Configuration Example I.
  • Page 23 [H3C-rsa-key-code] C48E3306367FE187BDD944018B3B69F3CBB0A573202C16 [H3C-rsa-key-code] BB2FC1ACF3EC8F828D55A36F1CDDC4BB45504F020125 [H3C-rsa-key-code] public-key-code end [H3C-rsa-public-key] peer-public-key end [H3C] ssh client 10.165.87.136 assign rsa-key public Start SSH Client. Settings for the two authentication types are described respectively in the following: Password authentication # Start SSH Client with default encryption algorithms.

  • Page 24: Sftp Service

    Chapter 1 SSH Terminal Service Do you want to save the server's public key?(Y/N):y Enter password: ************************************************************************** * Copyright(c) 2004-2007 Hangzhou H3C Tech. Co., Ltd. All rights reserved.* * Without the owner's prior written consent, * no decompiling or reverse-engineering shall be allowed. ************************************************************************** <H3C>...

  • Page 25: Sftp Client Configuration On The Switch

    Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Setting connection idle timeout I. Configuring service type for an SSH user Table 1-12 Configure service type for an SSH user Operation Command Description Enter system view system-view —...
  • Page 26 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Table 1-15 SFTP Client configuration tasks Command Operation View Description Keyword Start SFTP Client sftp System view Required SFTP client Stop SFTP Client Optional exit...
  • Page 27 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Table 1-16 Start SFTP Client Operation Command Description Enter system view system-view — sftp { host-ip | host-name } [ port-num ] prefer_kex dh_group1 dh_exchange_group...
  • Page 28 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Operation Command Description dir [ remote-path ] Optional Display the file list of a The dir and ls commands directory ls [ remote-path ] have the same function.

  • Page 29: Sftp Configuration Example

    Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service Table 1-20 Display help information about an SFTP client command Operation Command Description Enter system view system-view — sftp host-ip Enter SFTP client view —...
  • Page 30 # Enable SFTP Server. [H3C] sftp server enable # Specify SFTP service for SSH user abc. [H3C] ssh user abc service-type sftp Configure Switch A (SFTP client) # Establish a connection to the remote SFTP server and enter SFTP client view.
  • Page 31 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service File successfully Removed sftp-client> dir -rwxrwxrwx 1 noone nogroup 1759 Aug 23 06:52 config.cfg -rwxrwxrwx 1 noone nogroup 225 Aug 24 08:01 pubkey2 -rwxrwxrwx 1 noone...
  • Page 32 Operation Manual – SSH Terminal Service H3C S3100-52P Ethernet Switch Chapter 1 SSH Terminal Service drwxrwxrwx 1 noone nogroup 0 Sep 02 06:33 new2 -rwxrwxrwx 1 noone nogroup 283 Sep 02 06:35 pub -rwxrwxrwx 1 noone nogroup 283 Sep 02 06:36 puk sftp-client>...

Table of Contents