3Com Switch 4200G Configuration Guide
312 CHAPTER 36: SSH TERMINAL SERVICES
Configuring supported protocols
CAUTION: When SSH protocol is specified, to ensure a successful login, you must
configure the AAA authentication using the authentication-mode scheme
command.
The protocol inbound ssh configuration fails if you configured
authentication-mode password or authentication-mode none. When you
configure SSH protocol successfully for the user interface, then you cannot configure
authentication-mode password or authentication-mode none any more.
Generating or destroying RSA key pairs
The name of the server RSA key pair is in the format of switch name plus _host,
S4200G_host for example.
After you use the command, the system prompts you to define the key length.
■ In SSH1.x, the key length is in the range of 512 to 2,048 (bits).
■ In SSH2.0, the key length is in the range of 1024 to 2048 (bits). To make SSH 1.x
compatible, 512- to 2,048-bit keys are allowed on clients, but the length of server
keys must be more than 1,024 bits. Otherwise, clients cannot be authenticated.
CAUTION:
■ For a successful SSH login, you must generate a local RSA key pair first.
■ You just need to execute the command once, with no further action required even
after the system is rebooted.
■ If you use this command to generate an RSA key provided an old one exits, the
system will prompt you to replace the previous one or not.
Table 264 Configure supported protocols
Operation Command Remarks
Enter system view system-view -
Enter one or multiple user
interface views
user-interface [ type-keyword ]
number [ ending-number ]
Required
Configure the protocols supported
in the user interface view(s)
protocol inbound { all |ssh |
telnet }
Optional
By default, the system
supports both Telnet and
SSH.
Table 265 Generate or destroy RSA key pairs
Operation Command Remarks
Enter system view system-view -
Generate a local RSA key pair rsa local-key-pair create Required
Destroy a local RSA key pair rsa local-key-pair destroy Optional