When Switch Acts As Client For Publickey Authentication - H3C S5120-HI Security Configuration Manual

[SwitchA-pkey-key-code]E55B394A217DA38B65B77F0185C8DB8095522D1EF044B465E
8716261214A5A3B493E866991113B2D
[SwitchA-pkey-key-code]485348
[SwitchA-pkey-key-code] public-key-code end
[SwitchA-pkey-public-key] peer-public-key end
# Specify the host public key for the SSH server 10.165.87.136 as key1.
[SwitchA] ssh client authentication server 10.165.87.136 assign publickey key1
[SwitchA] quit
# Establish an SSH connection to server 10.165.87.136.
<SwitchA> ssh2 10.165.87.136
Username: client001
Trying 10.165.87.136
Press CTRL+K to abort
Connected to 10.165.87.136...
Enter password:
After you enter the correct password, you can log in to Switch B successfully.

When switch acts as client for publickey authentication

Network requirements
As shown in
B (the SSH server) through the SSH protocol. Use the DSA public key algorithm.
Figure 72 Network diagram
Configuration procedure
During SSH server configuration, the client public key is required. Use the client software to generate a
DSA key pair on the client before configuring the SSH server.
Configure the SSH client:
1.
# Create VLAN-interface 1 and assign an IP address to it.
<SwitchA> system-view
[SwitchA] interface vlan-interface 1
[SwitchA-Vlan-interface1] ip address 10.165.87.137 255.255.255.0
[SwitchA-Vlan-interface1] quit
# Generate a DSA key pair.
[SwitchA] public-key local create dsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Figure 72, Switch A (the SSH client) must pass publickey authentication to log in to Switch
274