Enabling the ssh server function, Configuring the user interfaces for ssh clients, Configuration guidelines – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 306: Configuration procedure, Configuring a client public key
292
Enabling the SSH server function
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enable the SSH server
function.
ssh server enable
Disabled by default.
Configuring the user interfaces for SSH clients
An SSH client accesses the access controller through a VTY user interface. You must configure the user
interfaces for SSH clients to allow SSH login. The configuration takes effect only for clients that log in after
the configuration.
Configuration guidelines
•
If you configure a user interface to support SSH, be sure to configure the corresponding
authentication mode with the authentication-mode scheme command.
•
For a user interface configured to support SSH, you cannot change the authentication mode. To
change the authentication mode, undo the SSH support configuration first.
Configuration procedure
To configure the protocols for a user interface to support:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter user interface view of
one or more user interfaces.
user-interface vty number
[ ending-number ]
N/A
3.
Set the login authentication
mode to scheme.
authentication-mode scheme
By default, the authentication
mode is password.
4.
Configure the user interfaces
to support SSH login.
protocol inbound { all | ssh }
Optional.
All protocols, including Telnet and
SSH, are supported by default.
For more information about the authentication-mode and protocol inbound commands, see
Fundamentals Command Reference.
Configuring a client public key
This configuration task is only necessary for SSH users using publickey authentication.
For each SSH user that uses publickey authentication to log in, you must configure the client's ECDSA or
RSA host public key on the server, and configure the client to use the corresponding host private key.
To configure the public key of an SSH client, you can configure it manually or import it from the public key
file:
•
Configure it manually—You can type or copy the public key to the SSH server. The public key must
be in the distinguished encoding rules (DER) encoding format and have not been converted.
- H3C WX5500E Series Access Controllers H3C WX3500E Series Access Controllers H3C WX2500E Series Access Controllers H3C WX6000 Series Access Controllers H3C WX5000 Series Access Controllers H3C LSWM1WCM10 Access Controller Module H3C LSUM3WCMD0 Access Controller Module H3C LSUM1WCME0 Access Controller Module H3C LSWM1WCM20 Access Controller Module H3C LSQM1WCMB0 Access Controller Module H3C LSRM1WCM2A1 Access Controller Module H3C LSBM1WCM2A0 Access Controller Module H3C WA3600 Series Access Points H3C WA2600 Series WLAN Access Points H3C S10500 Series Switches H3C S5800 Series Switches H3C S5820X Series Switches H3C S12500 Series Switches H3C S9500E Series Switches H3C MSR 5600 H3C MSR 50 H3C MSR 3600 H3C MSR 30 H3C MSR 2600 H3C MSR 20-2X[40] H3C MSR 20-1X H3C MSR 930 H3C MSR 900 H3C SR8800 H3C SR6600-X H3C SR6600 H3C SecPath F5020 H3C SecPath F5040 H3C VMSG VFW1000