Manualshelf

R3102-R3103-HP 6600/HSR6600 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR6602-XG TAA-compliant Router
331332333334335336337338339340
323
Disabling first-time authentication
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Disable first-time
authentication.
undo ssh client first-time Enabled by default.
3. Configure the server host
public key.
See "Configuring a client's host
publi
c key"
The method for configuring the
server host public key on the client
is similar to that for configuring
client public key on the server.
4. Specify the host public key
name of the server.
ssh client authentication server
server assign publickey keyname
N/A
Establishing a connection to an Stelnet server
You can launch the Stelnet client to establish a connection to an Stelnet server, and specify the public key
algorithm, the preferred encryption algorithm, the preferred HMAC algorithm, and the preferred key
exchange algorithm.
To establish a connection to an Stelnet server:
Task Command Remarks
Establish a
connection to
an Stelnet
server.
Establish a connection to an IPv4 server:
{ In non-FIPS mode:
ssh2 server [ port-number ] [ vpn-instance vpn-instance-name ]
[ identity-key { dsa | rsa } | prefer-compress { zlib | zlib-openssh } |
prefer-ctos-cipher { 3des | aes128 | des } | prefer-ctos-hmac { md5
| md5-96 | sha1 | sha1-96 } | prefer-kex { dh-group-exchange |
dh-group1 | dh-group14 } | prefer-stoc-cipher { 3des | aes128 |
des } | prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 } ] *
{ In FIPS mode:
ssh2 server [ port-number ] [ vpn-instance vpn-instance-name ]
[ identity-key rsa | prefer-ctos-cipher { aes128 | aes256 } |
prefer-ctos-hmac { sha1 | sha1-96 } | prefer-kex dh-group14 |
prefer-stoc-cipher { aes128 | aes256 } | prefer-stoc-hmac { sha1 |
sha1-96 } ] *
Establish a connection to an IPv6 server:
{ In non-FIPS mode:
ssh2 ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ]
[ identity-key { dsa | rsa } | prefer-compress { zlib | zlib-openssh }
|prefer-ctos-cipher { 3des | aes128 | des } | prefer-ctos-hmac { md5
| md5-96 | sha1 | sha1-96 } | prefer-kex { dh-group-exchange |
dh-group1 | dh-group14 } | prefer-stoc-cipher { 3des | aes128 |
des } | prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 } ] *
{ In FIPS mode:
ssh2 ipv6 server [ port-number ] [ identity-key rsa |
prefer-ctos-cipher { aes128 | aes256 } | prefer-ctos-hmac { sha1 |
sha1-96 } | prefer-kex dh-group14 | prefer-stoc-cipher { aes128 |
aes256 } | prefer-stoc-hmac { sha1 | sha1-96 } ] *
Use one of the
commands in
user view.