Enabling first-time authentication, Disabling first-time authentication – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 310
296
Step Command
Remarks
2.
Specify a source IP
address or
interface for the
SSH client.
•
Specify a source IPv4 address or interface for the
SSH client
ssh client source { ip ip-address | interface
interface-type interface-number }
•
Specify a source IPv6 address or interface for the
SSH client
ssh client ipv6 source { ipv6 ipv6-address
|.interface interface-type interface-number }
Use either command
By default, an SSH client
uses the IP address of the
outbound interface
defined by the route to the
SSH server to access the
SSH server.
Configuring whether first-time authentication is supported
When the access controller connects to the SSH server as an SSH client, you can configure whether the
access controller supports first-time authentication.
•
With first-time authentication, when an SSH client not configured with the server host public key
accesses the server for the first time, the user can continue accessing the server, and save the host
public key on the client. When accessing the server again, the client will use the saved server host
public key to authenticate the server.
•
Without first-time authentication, a client not configured with the server host public key will refuse to
access the server. To enable the client to access the server, you must configure the server host public
key and specify the public key name for authentication on the client in advance.
Enabling first-time authentication
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enable the access controller to
support first-time
authentication.
ssh client first-time enable
Optional.
By default, first-time authentication
is supported on a client.
Disabling first-time authentication
For successful authentication of an SSH client not supporting first-time authentication, the server host
public key must be configured on the client and the public key name must be specified.
To disable first-time authentication:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Disable first-time
authentication support.
undo ssh client first-time
By default, first-time authentication
is supported on a client.
3.
Configure the server host
public key.
See "
"
The method for configuring the
server host public key on the client
is similar to that for configuring
client public key on the server.
4.
Specify the host public key
name of the server.
ssh client authentication server
server assign publickey keyname
N/A
- H3C WX5500E Series Access Controllers H3C WX3500E Series Access Controllers H3C WX2500E Series Access Controllers H3C WX6000 Series Access Controllers H3C WX5000 Series Access Controllers H3C LSWM1WCM10 Access Controller Module H3C LSUM3WCMD0 Access Controller Module H3C LSUM1WCME0 Access Controller Module H3C LSWM1WCM20 Access Controller Module H3C LSQM1WCMB0 Access Controller Module H3C LSRM1WCM2A1 Access Controller Module H3C LSBM1WCM2A0 Access Controller Module H3C WA3600 Series Access Points H3C WA2600 Series WLAN Access Points H3C S10500 Series Switches H3C S5800 Series Switches H3C S5820X Series Switches H3C S12500 Series Switches H3C S9500E Series Switches H3C MSR 5600 H3C MSR 50 H3C MSR 3600 H3C MSR 30 H3C MSR 2600 H3C MSR 20-2X[40] H3C MSR 20-1X H3C MSR 930 H3C MSR 900 H3C SR8800 H3C SR6600-X H3C SR6600 H3C SecPath F5020 H3C SecPath F5040 H3C VMSG VFW1000