R3166-R3206-HP High-End Firewalls System Management and Maintenance Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

141

142

143

144

145

146

147

148

149

150

141

To do... Use the command…

Remarks

Establish a

connection between

the SSH client and

server, and specify

the public key

algorithm, preferred

encryption

algorithms, preferred

HMAC algorithms

and preferred key

exchange algorithm

For an IPv4

server

ssh2 server [ port-number ] [ identity-key { dsa |

rsa } | prefer-ctos-cipher { 3des | aes128 | des } |

prefer-ctos-hmac { md5 | md5-96 | sha1 |

sha1-96 } | prefer-kex { dh-group-exchange |

dh-group1 | dh-group14 } | prefer-stoc-cipher

{ 3des | aes128 | des } | prefer-stoc-hmac { md5 |

md5-96 | sha1 | sha1-96 } ] *

Required

Use either

command in

user view.

For an IPv4

IPv6 server

ssh2 ipv6 server [ port-number ] [ identity-key { dsa

| rsa } | prefer-ctos-cipher { 3des | aes128 | des }

| prefer-ctos-hmac { md5 | md5-96 | sha1 |

sha1-96 } | prefer-kex { dh-group-exchange |

dh-group1 | dh-group14 } | prefer-stoc-cipher

{ 3des | aes128 | des } | prefer-stoc-hmac { md5 |

md5-96 | sha1 | sha1-96 } ] *

Displaying and maintaining SSH

To do… Use the command…

Remarks

Display the source IP address or interface set for the

SFTP client

display sftp client source Available in any view

Display the source IP address or interface set for the

SSH client

display ssh client source Available in any view

Display SSH server status information or session

information on an SSH server

display ssh server { status |

session }

Available in any view

Display the mappings between SSH servers and their

host public keys saved on an SSH client

display ssh server-info Available in any view

Display information about a specified or all SSH users

on the SSH server

display ssh user-information

[ username ]

Available in any view

Display the public keys of the local key pairs

display public-key local { dsa

| rsa } public

Available in any view

Display the public keys of the SSH peers

display public-key peer [ brief

| name publickey-name ]

Available in any view

SSH server configuration examples

When the firewall acts as a server for password authentication

Network requirements

• The host (the SSH client) and Firewall (the SSH server) are directly connected through the Ethernet

interfaces.

• The host runs SSH2.0 client software to log into Firewall for configuration.

• Password authentication is used. The username and password are saved on Firewall.