3Com Switch 8800 Family Configuration Guide
774 CHAPTER 67: SSH TERMINAL SERVICE
authentication mode. In this case, whatever the default authentication mode, the
user cannot log in because the user’s authentication mode is null.
2 Standard radius does not support user-level attributes. Therefore, during remote
authentication, you must specify the server type in the radius scheme as 3Com or
extend and specify the correct user level on the radius server before the
corresponding user level can be obtained after successful login; otherwise, you
can log in only as a 0-level user.
Configure the default user authentication mode
Use this configuration to specify the default authentication mode for SSH users.
An SSH user is authenticated in one of the following two cases:
1 A user configured with an authentication mode will be authenticated in the
authentication mode configured.
2 A user not configured with any authentication mode will be authenticated in the
default authentication mode:
■ If the default authentication mode is password or all, the user can log in
successfully by using a local or remote SSH username and password.
■ If the default authentication mode is rsa or password-publickey, the user
must be assigned a key and authenticated in key mode through a local SSH
user. An SSH user in key mode does not support remote authentication.
If no default authentication mode is available, the user cannot log in because the
user is not configured with any authentication mode; therefore, a user must be
configured with an authentication mode before logging in successfully.
The default authentication mode is NULL; that is, no authentication mode is
configured.
Configuring the updating cycle of the server key
Use this configuration task to set the updating cycle of the server key to secure the
SSH connection in best effort.
Perform the following configuration in system view
Tabl e 717 Configure the default authentication mode for SSH users
Operation Command Description
Enter system view system-view -
Configure the default
authentication mode for SSH
users
ssh authentication-type
default { password | rsa | all
| password-publickey }
If no default authentication
mode is available and no
authentication mode is
configured for a user, the user
will not be able to log in.
Tabl e 718 Configure the updating cycle of the server key
Operation Command
Configure the updating cycle of the server key ssh server rekey-interval hours
Cancel the updating cycle configuration undo ssh server rekey-interval