Ssh Configuration Examples; When Switch Acts As Server For Local Password Authentication - H3C S5600 Series Operation Manual

Operation
Create an SSH user and
specify publickey
authentication as its
authentication type
After RSA key pairs are generated, the display rsa local-key-pair public command displays two
public keys (the host public key and server public key) when the switch is working in
SSH1-compatible mode, but only one public key (the host public key) when the switch is working in
SSH2 mode.
The results of the display rsa local-key-pair public command or the public key converted with
the SSHKEY tool contains no information such as the authentication type, so they cannot be
directly used as parameters in the public-key peer command. For the same reason, neither can
the results of the display public-key local rsa public command be used in the rsa
peer-public-key command directly.

SSH Configuration Examples

When Switch Acts as Server for Local Password Authentication

Network requirements
As shown in Figure
(SSH Server) for secure data exchange. The host runs SSH2.0 client software. Password
authentication is required.
Network diagram
Figure 1-11 Switch acts as server for local password authentication
Configuration procedure
Configure the SSH server
# Create a VLAN interface on the switch and assign an IP address, which the SSH client will use as the
destination for SSH connection.
<Switch> system-view
[Switch] interface vlan-interface 1
[Switch-Vlan-interface1] ip address 192.168.0.1 255.255.255.0
[Switch-Vlan-interface1] quit
Original commands
ssh user username
authentication-type rsa
1-11, establish an SSH connection between the host (SSH Client) and the switch
1-25
Current commands
ssh user username
authentication-type publickey