H3C S7500 Series Ethernet Switches Release 3135 DHCP Configuration Examples
SSH Configuration Examples
H3C S7500 Series Ethernet Switches Release 3135 Chapter 2 SSH Configuration Commands
2-6
As shown in Table 2-5, you need to configure the server public key to the client in the
case that the SSH client does not support first-time authentication.
z On the SSH server, use the display rsa local-key-pair public command to
display the RSA public key.
z Configure the public key to the SSH client. Thus, the SSH client can authenticate
the SSH server using the public key when establishing a connection with the SSH
server.
2.3.2 Configuration Commands
I. Enabling first-time authentication
Table 2-6 Enable first-time authentication
Operation Command Description
Enter system view
system-view
—
Enable first-time
authentication
ssh client first-time enable
Optional
Enabled by default
Establish a connection
with the SSH server
ssh2 { host-ip | host-name }
[ port-num ] [ prefer_kex
{ dh_group1 |
dh_exchange_group } |
prefer_ctos_cipher { des |
aes128 } | prefer_stoc_cipher
{ des | aes128 } |
prefer_ctos_hmac { sha1 |
sha1_96 | md5 | md5_96 } |
prefer_stoc_hmac { sha1 |
sha1_96 | md5 | md5_96 } ] *
Required
In this command,
you can also
specify the
preferred key
exchange
algorithm,
encryption
algorithms and
HMAC algorithms
between the server
and client.
II. Disabling first-time authentication
Table 2-7 Disable first-time authentication
Operation Command Description
Enter system view
system-view
—
Disable first-time
authentication
undo ssh client first-time
Required
Enabled by default
Enter public key view
rsa peer-public-key
keyname
Required
Enter public key edit
view
public-key-code begin
—