338
The PKI domain specified for the SSH server has the following functions:
• The SSH server uses the PKI domain to send its certificate to the client in the key exchange
stage.
• The SSH server uses the PKI domain to authenticate the client's certificate if no PKI domain is
specified for the client authentication by using the ssh user command.
To specify a PKI domain for the SSH server:
1. Enter system view.
N/A
2. Specify a PKI domain for the
SSH server.
ssh server pki-domain
domain-name
By default, no PKI domain is
specified for the SSH server.
Configuring the device as an Stelnet client
Stelnet client configuration task list
(Optional.) Specifying the source IP address for SSH packets
(Required.) Establishing a connection to an Stelnet server
(Optional.) Establishing a connection to an Stelnet server based on Suite B
Specifying the source IP address for SSH packets
As a best practice, specify the IP address of the loopback interface as the source interface for SSH
packets for the following purposes:
• Ensuring the communication between the Stelnet client and the Stelnet server.
• Improving the manageability of Stelnet clients in authentication service.
To specify the source IP address for SSH packets:
1. Enter system view.
N/A
2. Specify the source
address for SSH packets.
• Specify the source IPv4 address for
SSH packets:
ssh client source
{
interface
interface-type interface-number |
ip
ip-address }
• Specify the source IPv6 address for
SSH packets:
ssh client ipv6 source { interface
interface-type interface-number |
ipv6 ipv6-address }
By default, the
address for SSH packets is not
packets, the device uses the
primary IPv4 address
output interface specified in
the routing entry as the source
address of the packets. For
IPv6 SSH packets, the device
automatically selects an IPv6
address as the source address
of the packets in compliance
with RFC 3484.
To Next Page
Loading...
Need help?
General