3Com Switch 7750 Configuration Guide Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

711

712

713

714

715

716

717

718

719

720

SSH Terminal Services 717

■ The server authenticates the username information from the client. If the user

is configured as no authentication on the server, authentication stage is

skipped and session request stage starts directly.

■ The client authenticates information from the user at the server till the

authentication succeeds or the connection is turned off due to authentication

timeout.

SSH supports two authentication types: password authentication and RSA

authentication.

1 Password authentication works as follows:

■ The client sends its username and password to the server.

■ The server compares the username and password received with those

configured locally. The user is allowed to log on to the Switch if the usernames

and passwords match exactly.

2 RSA authentication works as follows:

■ Configure the RSA public key of the client user at the server.

■ The client sends the member modules of its RSA public key to the server.

■ The server checks the validity of the member module. If it is valid, the server

generates a random number, which is sent to the client after being encrypted

with RSA public key of the client.

■ Both ends calculate authentication data based on the random number and

session ID.

■ The client sends the authentication data calculated back to the server.

■ The server compares it with its authentication data obtained locally. If they

match exactly, the user is allowed to access the switch.

3 Session request stage. The client sends session request messages to the server

which processes the request messages.

4 Interactive session stage. Both ends exchange data till the session ends.

SSH Server

Configuration

The following table describes SSH server configuration tasks.

Table 549 Configure SSHv2.0 server

Configuration Keyword Description

Configure supported

protocols

protocol inbound

Refer to the “Configuring

supported protocols”

Generate a local RSA key pair rsa local-key-pair create

Refer to the “Generating or

destroying RSA key pairs”

Destroy a local RSA key pair rsa local-key-pair destroy

Create an SSH user ssh user username

Refer to “Creating an SSH

user”.

Specify a default

authentication type for SSH

users

ssh authentication-type

default

Refer to the “Configuring

authentication type”

Configure authentication type

for SSH users

ssh user username

authentication-type