When the Switch Acts as an SSH Client and the Authentication Type is Password
Network requirements
As shown in
Figure
(SSH Server) for secure data exchange. The user name for login is client001 and the SSH server's IP
address is 10.165.87.136. Password authentication is required.
Figure 1-23 Network diagram of SSH client configuration when using password authentication
Switch B
SSH Server
VLAN-Interface 1
10.165 .87 .136 ./24
Configuration procedure
Configure Switch B
# Create a VLAN interface on the device and assign an IP address, which the SSH client will use as the
destination for SSH connection.
<device> system-view
[device] interface vlan-interface 1
[device-Vlan-interface1] ip address 10.165.87.136 255.255.255.0
[device-Vlan-interface1] quit
# Generate RSA and DSA key pairs.
[device] public-key local create rsa
[device] public-key local create dsa
# Set the authentication mode for the user interfaces to AAA.
[device] user-interface vty 0 4
[device-ui-vty0-4] authentication-mode scheme
# Enable the user interfaces to support SSH.
[device-ui-vty0-4] protocol inbound ssh
[device-ui-vty0-4] quit
# Create local user "client001", and set the authentication password to abc, the login protocol to SSH,
and user command privilege level to 3.
[device] local-user client001
[device-luser-client001] password simple abc
[device-luser-client001] service-type ssh level 3
[device-luser-client001] quit
# Configure the authentication type of user client001 as password.
[device] ssh user client001 authentication-type password
Configure Switch A
# Create a VLAN interface on the device and assign an IP address, which serves as the SSH client's
address in an SSH connection.
<device> system-view
[device] interface vlan-interface 1
1-23, establish an SSH connection between Switch A (SSH Client) and Switch B
VLAN-Interface 1
10 .165 .87.137./24
Switch A
SSH Client
1-30