Figure 49 Network diagram
For more information about MCE, see Layer 3—IP Routing Configuration Guide.
Configuring the switch as an SSH server
SSH server configuration task list
Task
Generating DSA or RSA key pairs
Enabling the SSH server function
Configuring the user interfaces for SSH clients
Configuring a client public key
Configuring an SSH user
Setting the SSH management parameters
Setting the DSCP value for packets sent by the SSH
server
Generating DSA or RSA key pairs
In the key and algorithm negotiation stage, the DSA or RSA key pairs are used to generate the session
key and session ID and for the client to authenticate the server.
Configuration guidelines
To support SSH clients that use different types of key pairs, generate both DSA and RSA key pairs
•
on the SSH server.
The public-key local create rsa command generates a server RSA key pair and a host RSA key pair.
•
Each of the key pairs consists of a public key and a private key. The public key in the server key pair
of the SSH server is used in SSH1 to encrypt the session key for secure transmission of the key. As
SSH2.0 uses the DH algorithm to generate the session key on the SSH server and client, no session
key transmission is required in SSH2.0 and the server key pair is not used.
Remarks
Required
Required
Required
Required for publickey authentication users and
optional for password authentication users
Optional
Optional
Optional
180