R3166-R3206-HP High-End Firewalls System Management and Maintenance Configuration Guide-6PW101
140
Configuring whether first-time authentication is supported
When the device connects to the SSH server as an SSH client, you can configure whether the device
supports first-time authentication.
• With first-time authentication, when an SSH client not configured with the server host public key
accesses the server for the first time, the user can continue accessing the server, and save the host
public key on the client. When accessing the server again, the client will use the saved server host
public key to authenticate the server.
• Without first-time authentication, a client not configured with the server host public key will deny to
access the server. To access the server, a user must configure in advance the server host public key
locally and specify the public key name for authentication.
Enable the device to support first-time authentication
Follow these steps to enable the device to support first-time authentication:
To do... Use the command…
Remarks
Enter system view system-view —
Enable the device to support
first-time authentication
ssh client first-time enable
Optional
By default, first-time authentication is
supported on a client.
Disable first-time authentication
For successful authentication of an SSH client not supporting first-time authentication, the server host
public key must be configured on the client and the public key name must be specified.
Follow these steps to disable first-time authentication:
To do... Use the command…
Remarks
Enter system view
system-view
—
Disable first-time
authentication support
undo ssh client first-time
Optional
By default, first-time authentication is
supported on a client.
Configure the server
public key
See “Configuring a client public
key”
Required
The method of configuring server public
key on the client is similar to that of
configuring client public key on the server.
Specify the host public
key name of the server
ssh client authentication server
server assign publickey keyname
Required
Establishing a connection between the SSH client and the
server
Follow these steps to establish the connection between the SSH client and the server: