3Com Switch 7750 Configuration Guide Guide
720 CHAPTER 67: SSH TERMINAL SERVICES
Note that:
■ Use the ssh authentication-type default command to configure the default
authentication type for all users.
■ Use the ssh user username authentication-type command to specify the
authentication type for a user.
■ When the two commands are configured simultaneously, and the
authentication types configured for the user (specified by username) are
different with each other, comply with the configuration of the ssh user
username authentication-type command.
c
CAUTION:
■ If RSA authentication type is defined, then the RSA public key of the client user
must be configured on the switch.
■ For the password-publickey authentication type: SSHv1 client users can
access the switch as long as they pass one of the two authentications. SSHv2
client users can access the switch only when they pass both the
authentications.
■ For the password authentication, username should be consistent with the
effective user name defined in AAA; for the RSA authentication, username is
the SSH local user name, so that there is no need to configure a local user in
AAA.
Configuring server SSH attributes
Configuring server SSH authentication timeout time, retry times, server keys
update interval and SSH compatible mode can effectively assure security of SSH
connections by avoiding illegal actions such as malicious password guessing.
Configure authentication type
for SSH users
ssh user username
authentication-type {
password | rsa |
password-publickey | all }
Optional
By default, the system does
not specify available
authentication types for SSH
users, that is, they can not
access the switch
Table 553 Configure authentication type
Operation Command Description
Tabl e 554 Configure server SSH attributes
Operation Command Description
Enter system view system-view -
Set SSH authentication
timeout time
ssh server timeout seconds
Optional
The timeout time defaults to
60 seconds.
Set SSH authentication retry
times
ssh server
authentication-retries times
Optional
The retry times defaults to 3.
Set server keys update interval ssh server rekey-interval
Optional
By default, the system does
not update server keys.