Optional) Assigning An Rsa Public Key To The Ssh Server - Huawei Quidway S2700 Series Configuration Manual

Quidway S2700 Series Ethernet Switches
Configuration Guide - Basic Configuration
To simplify user operations, you are recommended to enable the first-time authentication on the
SSH client.
Do as follows on the switch that serves as an SSH client:
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
ssh client first-time enable
Enable the SSH client with the first authentication.
By default, first-time authentication is disabled on SSH clients.
----End

9.6.3 (Optional) Assigning an RSA Public Key to the SSH Server

You can assign an RSA public key on the SSH client to the SSH server.
Context
If the first-time authentication on the SSH client is disabled, you need to assign an RSA public
key to the SSH server before the STelnet client logs in to the SSH server.
Do as follows on the switch that serves as an SSH client:
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
rsa peer-public-key key-name
The public key view is displayed.
Issue 01 (2011-07-15)
NOTE
l The purpose of enabling the first-time authentication on the SSH client is to skip checking the validity
of the RSA public key of the SSH server when the SFTP client logs in to the SSH server for the first
time. The check is skipped because the SFTP server has not saved the RSA public key of the SSH
server.
l If the first-time authentication is not enabled on the SSH client, when the SFTP client logs in to the
SSH server for the first time, the SFTP client fails to pass the check on the RSA public key validity
and cannot log in to the server.
TIP
Except for enabling the first-time authentication on the SSH client, the SFTP client can assign the RSA
public key in advance to the SSH server on the SSH client to log in to the server successfully for the first
time.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
9 Telnet and SSH
140