Manualshelf

H3C S7500E Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
1271127212731274127512761277127812791280
Operation Manual – SSH
H3C S7500E Series Ethernet Switches Chapter 1 SSH Configuration
1-10
Caution:
z After passing AAA authentication, an AAA user without SSH user account still can
log on to the server using password authentication and Stelnet or SFTP service.
z An SSH server supports up to 1024 SSH users.
z The service type of an SSH user can be Stelnet or SFTP. stelnet, or the secure
Telnet protocol, refers to the traditional SSH service. For information about stelnet,
refer to
SSH Overview. sftp represents the secure FTP protocol. For information
about sftp, refer to
SFTP Overview.
z For successful login through SFTP, you must set the user service type to sftp or all.
z You can set the service type of an SSH user to stelnet or all if the user does not
need SFTP service.
z As SSH1 does not support service type sftp, if the client uses SSH1 to log in to the
server, you must set the service type to stelnet or all on the server. Otherwise, the
client will fail to log in successfully.
z The working folder of an SFTP user is subject to the user authentication method.
For a user using only password authentication, the working folder is the AAA
authorized one. For a user using only publickey authentication or using both the
publickey and password authentication methods, the working folder is the one set
by using the ssh user command.
z The configured authentication method takes effect when the user logs in next time.
Note:
For users using publickey authentication:
z You must configure on the device the corresponding username and public keys.
z After login, the commands available for a user are determined by the user privilege
level, which is configured with the user privilege level command on the user
interface. By default, the command privilege level is 0.
For users using password authentication:
z You can configure the accounting information either on the device or on the remote
authentication server (such as RADIUS authentication server).
z After login, the commands available to a user are determined by AAA authorization.
1.2.7 Setting the SSH Management Parameters
SSH management includes:
z Enabling the SSH server to be compatible with SSH1
z Setting the server key pair update interval, applicable to users using SSH1 client.