3Com Switch 8800 Family Configuration Guide
SSH Terminal Service 779
Configuration procedure
1 Generate the RSA key.
[SW8800] rsa local-key-pair create
n
If the configuration for generating the local key has already been completed, skip
this step.
2 Set the user login authentication mode.
The following shows the configuration methods for both password authentication
and RSA public key authentication.
■ Password authentication.
# Create the local user client001, and set the authentication mode of the user
interface to AAA.
[SW8800] user-interface vty 0 4
[3Com-ui-vty0-4] authentication-mode scheme
# Specify the login protocol for user client001 as SSH.
[3Com-ui-vty0-4] protocol inbound ssh
[SW8800] local-user client001
New local user added
[3Com-luser-client001] password simple 3Com
[3Com-luser-client001]service-type ssh
[3Com-luser-client001]quit
[SW8800] ssh user client001 authentication-type password
n
You can use the default values for SSH authentication timeout and retries. After
completing the above configurations, you can run the SSH 2.0-enabled client
software on any other terminal connected with the switch and access the switch
with the username client001 and password 3Com.
■ RSA authentication.
# Create the local user client001, and set the authentication mode of the user
interface to AAA.
[SW8800] user-interface vty 0 4
[3Com-ui-vty0-4] authentication-mode scheme
# Specify the login protocol for user client002 as SSH.
[3Com-ui-vty0-4] protocol inbound ssh
# Set the authentication mode for the remote user on the switch to RSA.
[SW8800] ssh user client002 authentication-type rsa
# Using the SSH 2.0-enabled client software, randomly generate an RSA key pair
and send the public key to the server.
Configure the public key of the client.