H3C S3100-52P Operation Manual page 8

Operation Manual – SSH Terminal Service
H3C S3100-52P Ethernet Switch
Caution:
If RSA authentication type is configured for a user, the RSA public key of the client
user must be configured on the switch.
By default, no authentication type is specified for a new user, and the new user
cannot access the switch.
For the password-publickey authentication type, users can access the switch only
when they pass both kinds of authentications.
For the password authentication type, username should be consistent with the
valid user name defined in AAA; for the RSA authentication type, username is the
SSH local user name, so that there is no need to configure a local user in AAA.
If the default authentication type for SSH users is password and local AAA
authentication is adopted, you need not use the ssh user command to create an
SSH user. Instead, you can use the local-user command to create a user name and
its password and then set the service type of the user to SSH.
If the default authentication type for SSH users is password and remote
authentication (RADIUS authentication, for example) is adopted, you need not use
the ssh user command to create an SSH user, because it is created on the remote
server. And the user can use its username and password configured on the remote
server to access the network.
IV. Configuring SSH management
The configuration of SSH management includes the setting of authentication timeout
time, and authentication retry times. After the configuration, the SSH management
function is able to prevent illegal activities such as malicious password guessing, thus
ensure the security of SSH connections.
Table 1-5 Configure SSH management
Operation
Enter system view
Set
authentication
timeout time
Set
authentication retry
times
Command
system-view
SSH
ssh server timeout seconds
SSH
ssh
authentication-retries times
1-7
Chapter 1 SSH Terminal Service
Description
—
Optional
By default, the timeout
time is 60 seconds.
Optional
server
By default, the number of
retry times is 3.