Operation Manual – SSH Terminal Service
H3C S3600 Series Ethernet Switches-Release 1510
Chapter 1 SSH Terminal Service
Operation: Configure the user interface(s) to support specified protocol(s)
Command: protocol inbound { all | ssh | telnet }
Description: Optional. By default, both Telnet and SSH are supported.
Caution:
- If you have configured a user interface to support the SSH protocol, you must configure AAA authentication for that user interface with the authentication-mode scheme command to ensure a successful login.
- For a user interface, if you have executed the authentication-mode password or authentication-mode none command, the protocol inbound ssh command cannot be executed; if you have executed the protocol inbound ssh command, neither the authentication-mode password nor the authentication-mode none command can be executed.
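An added example, not from the H3C manual: a Python check over saved configuration text that applies the two points above (Telnet stays accepted unless protocol inbound ssh is set, and an interface that accepts SSH needs authentication-mode scheme). The "user-interface vty" block layout, the sample text and the function names are assumptions made for illustration.

```python
# Constructed sample. Assumed layout: a "user-interface ..." header line
# followed by indented settings for that interface.
SAMPLE_CONFIG = """\
user-interface aux 0
user-interface vty 0 1
 authentication-mode scheme
 protocol inbound ssh
user-interface vty 2 3
 authentication-mode scheme
user-interface vty 4
 authentication-mode password
"""


def parse_user_interfaces(config):
    """Return {interface: {"auth": value or None, "protocol": value or None}}."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("user-interface "):
            current = line[len("user-interface "):].strip()
            interfaces[current] = {"auth": None, "protocol": None}
        elif current and line.startswith(" "):
            words = line.split()
            if words[:1] == ["authentication-mode"] and len(words) > 1:
                interfaces[current]["auth"] = words[1]
            elif words[:2] == ["protocol", "inbound"] and len(words) > 2:
                interfaces[current]["protocol"] = words[2]
        else:
            current = None  # any other top-level line ends the block
    return interfaces


def audit(config):
    """Flag VTY interfaces that accept Telnet or accept SSH without AAA."""
    findings = []
    for name, cfg in parse_user_interfaces(config).items():
        if not name.startswith("vty"):
            continue
        # No "protocol inbound" line means the default: Telnet and SSH.
        protocol = cfg["protocol"] or "all"
        if protocol in ("all", "telnet"):
            findings.append((name, "telnet-accepted"))
        # Assumption: a missing authentication-mode line is not "scheme".
        if protocol in ("all", "ssh") and cfg["auth"] != "scheme":
            findings.append((name, "ssh-without-scheme"))
    return findings


if __name__ == "__main__":
    for interface, issue in audit(SAMPLE_CONFIG):
        print(f"user-interface {interface}: {issue}")
```

An empty result means every VTY interface in the text is restricted to SSH and uses scheme authentication.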
II. Generating or destroying local RSA key pairs
This configuration task is used to generate or destroy the server's RSA key pairs, which
are named in the format of switch name plus "_Host", and switch name plus "_Server",
for example, H3C_Host and H3C_Server.
After you issue the rsa local-key-pair create command, the system prompts you to
input a key length.
- In SSH1.x, the key length is in the range of 512 to 2,048 (bits).
- In SSH2.0, the key length is in the range of 1,024 to 2,048 (bits). To keep compatible with SSH1.x, SSH2.0 allows client keys to be 512 to 2,048 bits in length. But the server's key length must not be shorter than 1,024 bits; otherwise, clients cannot be authenticated.
Table 1-3 Generate or destroy local RSA key pairs
Operation                      Command                       Description
Enter system view              system-view                   —
Generate local RSA key pairs   rsa local-key-pair create     Required
Destroy local RSA key pairs    rsa local-key-pair destroy    Optional