372 CHAPTER 12: FILE SYSTEM MANAGEMENT

■ Setting system protocol and link maximum
■ Configuring and deleting local RSA key pair
■ Configuring authentication type
■ Defining update interval of server key
■ Defining SSH authentication timeout value
■ Defining SSH authentication retry value
■ Entering public key view and editing public key
■ Associating public key with SSH user

Setting System Protocol
You must specify SSH protocol for the system before enabling SSH.
Perform the following configuration in User Interface View.

Table 450 Setting System Protocols and Link Maximum

Operation                              Command
Set system protocol and link maximum   protocol inbound { all | ssh | telnet }

By default, the system supports Telnet and SSH protocols.

CAUTION: If SSH protocol is specified, to ensure a successful login, you must
configure the AAA authentication using the authentication-mode scheme command.
The protocol inbound ssh configuration fails if you configure
authentication-mode password and authentication-mode none. When you configure
SSH protocol successfully for the user interface, then you cannot configure
authentication-mode password and authentication-mode none any more.

Configuring and Canceling Local RSA Key Pair
When you execute this command, if an RSA host key pair is already configured,
the system gives an alarm and prompts that the existing one will be replaced.
The server key pair is created dynamically by the SSH server. The maximum bit
range of both key pairs is 2048 bits and the minimum is 512.
Please perform the following configurations in System View.

Table 451 Configuring and Canceling Local RSA Key Pair

Operation                      Command
Configure local RSA key pair   rsa local-key-pair create
Cancel local RSA key pair      rsa local-key-pair destroy

CAUTION: For a successful SSH login, you must configure and generate the local
RSA key pairs. To generate local key pairs, you just need to execute the command
once, with no further action required even after the system is rebooted.

Configuring Authentication Type
For a new user, you must specify authentication type. Otherwise, they cannot
access the Switch.
Perform the following configurations in System View.
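
The rules in the Setting System Protocol section can be checked offline against a saved configuration. The script below is an added example, not part of this manual or the vendor's tooling. It assumes the saved configuration lists each user interface as a "user-interface ..." header followed by indented settings and that remote-login interfaces are named "vty"; the sample configuration is constructed.

```python
import re

# Constructed sample of a saved configuration (layout is an assumption).
SAMPLE_CONFIG = """\
user-interface aux 0
user-interface vty 0 1
 authentication-mode scheme
 protocol inbound ssh
user-interface vty 2 3
 authentication-mode password
user-interface vty 4
 authentication-mode scheme
 protocol inbound all
"""

def parse_user_interfaces(text):
    """Map each user-interface header to its auth mode and inbound protocol."""
    blocks, current = {}, None
    for line in text.splitlines():
        if line.startswith("user-interface "):
            current = blocks.setdefault(line.strip(), {"auth": None, "proto": None})
        elif current is not None and line.startswith(" "):
            m = re.match(r"\s+authentication-mode\s+(\S+)", line)
            if m:
                current["auth"] = m.group(1)
            m = re.match(r"\s+protocol inbound\s+(\S+)", line)
            if m:
                current["proto"] = m.group(1)
        else:
            current = None  # left the user-interface block
    return blocks

def audit(text):
    """Return (interface, finding) pairs for VTY lines that are not SSH-only."""
    findings = []
    for name, cfg in parse_user_interfaces(text).items():
        if " vty " not in name:
            continue  # assumption: only vty interfaces accept remote logins
        # No "protocol inbound" line means the default: Telnet and SSH.
        proto = cfg["proto"] or "default"
        if proto != "ssh":
            findings.append((name, f"Telnet accepted (protocol inbound {proto})"))
        elif cfg["auth"] != "scheme":
            findings.append((name, "ssh without authentication-mode scheme"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_CONFIG):
        print(f"{name}: {finding}")
```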