1-7
Configuring the User Interfaces for SSH Clients
An SSH client will access the device through a terminal “VTY” user interface. Therefore, you need to
configure the device user interface to accept SSH clients and allow SSH login. Note that the
configuration takes effect at the next login.
Follow these steps to configure the device user interface for SSH clients:
To do... Use the command... Remarks
Enter system view
system-view
—
Enter user interface view of one
or more user interfaces
user-interface vty first-number
[ last-number ]
—
Configure the authentication
mode as scheme
authentication-mode scheme
[ command-authorization ]
Required
By default, the user interface
authentication mode is
password.
Specify the supported
protocol(s)
protocol inbound { all |ssh }
Optional
By default, both Telnet and
SSH are supported.
z If you have configured a user interface to support SSH protocol, you must configure AAA
authentication for the user interface by using the authentication-mode scheme command to
ensure successful login.
z On a user interface, if the authentication-mode password or authentication-mode none
command has been executed, the protocol inbound ssh command is not available. Similarly, if
the protocol inbound ssh command has been executed, the authentication-mode password
and authentication-mode none commands are not available.
Configuring the SSH Management Functions
The SSH server provides a number of management functions to prevent illegal operations such as
malicious password guess, guaranteeing the security of SSH connections. You can specify the IP
address or the interface corresponding to the IP address for the SSH server to provide SSH access
services for clients. In this way, the SSH client accesses the SSH server only using the specified IP
address. This increases the service manageability when the SSH server has multiple interfaces and IP
addresses.
Follow these steps to configure SSH management functions:
To do... Use the command... Remarks
Enter system view
system-view
—
To Next Page
Loading...
