3Com Switch 8800 Family Configuration Guide
SSH Terminal Service 773
Generating or destroying an RSA key pair
Use this configuration task to generate or destroy an RSA key pair (including the
host key and server key) of the server. The naming conventions for the keys are
switchname + host and switchname + server respectively.
After this command is entered, the system prompts you to enter the key length in
bits. Pay attention to the following:
■ The host key and the server key must have a difference of at least 128 bits in
length.
■ The minimum and maximum lengths for the host key and the server key are
512 bits and 2048 bits respectively.
Perform the following configuration in system view.
CAUTION:
■ Generating the RSA key pair of the server is the first step to perform after SSH
login.
■ This command needs to be performed only once; you need not re-perform it
after rebooting the switch.
■ If a key pair exists before the configuration, a prompt will appear asking if you
want to replace it.
■ When an SSH user logs in, the key generated by the server must be longer than
768 bits. By default, the key generated by the server is 1,024 bits.
Configuring the user authentication mode
Use this configuration task to specify the authentication mode for an SSH user.
You must specify an authentication mode for a new user; otherwise, the new user
will not be able to log in.
Note the following points:
1 The authentication mode configured for SSH users is used preferably. For example,
an SSH user is added whose service type is set to stelnet but configured with no
Table 715 Generate an RSA key pair
Operation                   Command
Generate an RSA key pair    rsa local-key-pair create
Destroy an RSA key pair     rsa local-key-pair destroy
Table 716 Configure the authentication mode for an SSH user
Operation                      Command                             Description
Enter system view              system-view                         -
Configure an authentication    ssh user username                   By default, no login authentication
mode for SSH users             authentication-type { password |    mode is specified, that is, SSH users
                               rsa | password-publickey | all }    are unable to log in.
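The following added example (not part of the 3Com guide) checks a planned configuration against the two sets of rules in this section: the key-length limits and the requirement that every SSH user has an authentication mode. It is Python run off the switch; the function names, user names and sample command lines are constructed, and applying the 768-bit login rule to both keys is an assumption.

```python
import re

# Limits quoted from this section of the guide.
MIN_BITS, MAX_BITS, MIN_GAP, LOGIN_FLOOR = 512, 2048, 128, 768
MODES = {"password", "rsa", "password-publickey", "all"}
SSH_USER = re.compile(r"^ssh user (\S+) authentication-type (\S+)$")

def check_key_lengths(host_bits, server_bits):
    """Return the key-length rules that a planned host/server pair violates."""
    problems = []
    for name, bits in (("host", host_bits), ("server", server_bits)):
        if not MIN_BITS <= bits <= MAX_BITS:
            problems.append(f"{name} key: {bits} bits is outside {MIN_BITS}-{MAX_BITS}")
        elif bits <= LOGIN_FLOOR:
            # Assumption: the "longer than 768 bits" login rule covers both keys.
            problems.append(f"{name} key: {bits} bits is not longer than {LOGIN_FLOOR}")
    if abs(host_bits - server_bits) < MIN_GAP:
        problems.append(f"host and server keys differ by less than {MIN_GAP} bits")
    return problems

def audit_ssh_users(expected_users, command_lines):
    """Map each expected user to its authentication mode or to a finding."""
    configured = {}
    for line in command_lines:
        match = SSH_USER.match(line.strip())
        if match:
            configured[match.group(1)] = match.group(2)  # last entry wins
    report = {}
    for user in expected_users:
        mode = configured.get(user)
        if mode is None:
            report[user] = "no authentication mode: cannot log in"
        elif mode not in MODES:
            report[user] = f"unknown mode {mode!r}"
        else:
            report[user] = mode
    return report

# Constructed sample: planned commands for four hypothetical users.
SAMPLE_COMMANDS = [
    "ssh user alice authentication-type rsa",
    "ssh user bob authentication-type password-publickey",
    "ssh user dave authentication-type publickey",
]

if __name__ == "__main__":
    print(check_key_lengths(1024, 1024))
    print(audit_ssh_users(["alice", "bob", "carol", "dave"], SAMPLE_COMMANDS))
```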