R0106-HP MSR Router Series Security Configuration Guide(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR4060 Router Chassis

351

352

353

354

355

356

357

358

359

360

346

# Generate the RSA key pairs.

<RouterB> system-view

[RouterB] public-key local create rsa

The range of public key size is (512 ~ 2048).

If the key modulus is greater than 512, it will take a few minutes.

Press CTRL+C to abort.

Input the modulus length [default = 1024]:

Generating Keys...

........................++++++

...................++++++

..++++++++

............++++++++

Create the key pair successfully.

# Generate a DSA key pair.

[RouterB] public-key local create dsa

The range of public key size is (512 ~ 2048).

If the key modulus is greater than 512, it will take a few minutes.

Press CTRL+C to abort.

Input the modulus length [default = 1024]:

Generating Keys...

.++++++++++++++++++++++++++++++++++++++++++++++++++*

........+......+.....+......................................+

...+.................+..........+...+

Create the key pair successfully.

# Enable the SSH server function.

[RouterB] ssh server enable

# Assign an IP address to interface GigabitEthernet 2/1/1. The Stelnet client uses this address as

the destination address for SSH connection.

[RouterB] interface gigabitethernet 2/1/1

[RouterB-GigabitEthernet2/1/1] ip address 192.168.1.40 255.255.255.0

[RouterB-GigabitEthernet2/1/1] quit

# Set the authentication mode to AAA for the user lines.

[RouterB] line vty 0 63

[RouterB-line-vty0-63] authentication-mode scheme

[RouterB-line-vty0-63] quit

# Create a local device management user client001 with the plaintext password aabbcc, the

service type ssh, and the user role network-admin.

[RouterB] local-user client001 class manage

[RouterB-luser-manage-client001] password simple aabbcc

[RouterB-luser-manage-client001] service-type ssh

[RouterB-luser-manage-client001] authorization-attribute user-role network-admin

[RouterB-luser-manage-client001] quit

# Create an SSH user client001 with the service type stelnet and the authentication method

password. By default, password authentication is used if no SSH user is created.

[RouterB] ssh user client001 service-type stelnet authentication-type password

2. Establish a connection to the Stelnet server 192.168.1.40:

# Assign an IP address to interface GigabitEthernet 2/1/1.