9 Telnet and SSH
Configuration Procedure
Step 1 Generate a local key pair on the server.
<Quidway> system-view
[Quidway] rsa local-key-pair create
The key name will be: Quidway_Host
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
Input the bits in the modulus[default = 512]:
Generating keys...
.......++++++++++++
..........++++++++++++
...................................++++++++
Step 2 Create an SSH user on the server.
# Configure the VTY user Interface.
[Quidway] user-interface vty 0 4
[Quidway-ui-vty0-4] authentication-mode aaa
[Quidway-ui-vty0-4] protocol inbound ssh
[Quidway-ui-vty0-4] quit
# Create an SSH user with the name Client001. The authentication mode is password.
[Quidway] ssh user client001
[Quidway] ssh user client001 authentication-type password
# Set huawei as the password for the Client001 of the SSH user.
[Quidway] aaa
[Quidway-aaa] local-user client001 password simple huawei
[Quidway-aaa] local-user client001 service-type ssh
[Quidway]
[Quidway] ssh user client002 authentication-type rsa
Step 3 Configure the RSA public key of the server.
# Generate a local key pair on the client.
<Quidway> system-view
[Quidway] sysname client002
[client002] rsa local-key-pair create
# View the RSA public key generated on the client.
[client002] display rsa local-key-pair public
=====================================================
9-38
It will take a few minutes.
The SSH user has four authentication modes, namely, password, RSA, password-rsa, and all.
When the SSH adopts the password or password-rsa authentication, configure a local user at the
same name.
When the SSH user adopts the RSA, password-rsa, or all authentication, the server should save the
RSA public key for the SSH client.
Create Client001 for the SSH user.
Create an SSH user with user name Client002 and RSA authentication.
ssh user client002
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Quidway NetEngine80
Configuration Guide - Basic Configurations
Issue 04 (2009-12-20)