F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices System Management and Maintenance Configuration Guide-6PW100
186
# Specify the host public key for the Stelnet server (192.168.1.40) as key1.
[Firewall] ssh client authentication server 10.165.87.136 assign publickey key1
[Firewall] quit
# Establish an SSH connection to SSH server 192.168.1.40.
<Firewall> ssh2 192.168.1.40
Username: client001
Trying 192.168.1.40
Press CTRL+K to abort
Connected to 192.168.1.40...
Enter password:
After you enter the correct username and password, you can log in to the router successfully.
297BWhen the firewall acts as an Stelnet client for publickey
authentication
467BNetwork requirements
As shown in 902HFigure 82, you can log in to the router through the Stelnet client that runs on firewall. The
router acts as the Stelnet server, adopting publickey authentication and the DSA public key algorithm.
Figure 82 Network diagram
468BConfiguration considerations
In the server configuration, the client public key is required. Use the client software to generate a DSA key
pair on the client before configuring the Stelnet server.
469BConfiguration procedure
1. Configure the Stelnet client:
# Configure an IP address for interface GigabitEthernet 0/1.
<Firewall> system-view
[Firewall] interface gigabitethernet 0/1
[Firewall-GigabitEthernet0/1] ip address 192.168.1.56 255.255.255.0
[Firewall-GigabitEthernet0/1] quit
# Generate a DSA key pair.
[Firewall] public-key local create dsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++