3Com Switch 8800 Advanced Software V5 Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 9400sl 4-Port 10-GbE Module

931

932

933

934

935

936

937

938

939

940

Configuring the SSH Server 943

Authentication will fail if the number of authentication attempts (including both

RSA and password authentication) exceeds that specified in the ssh server

authentication-retries command.

Configuring RSA Public

Key for the Client

This configuration is applicable when the RSA authentication mode is used for SSH

users. If the password authentication mode is configured for SSH users, this

configuration is not required.

The RSA public key configured on the device is for the SSH user on the client. On

the client, you need to specify an RSA private key corresponding to the RSA public

key for the SSH user. The key pair on the client is generated at random by the

client software that supports SSH.

You can configure an RSA public key of the client manually or by importing from a

public key file.

■ For the first method, you can configure the host public key of the client to the

server using Copy plus Paste.

■ For the second method, the system automatically converts the public key file

generated by the client software to PKCS codes, and configures the public key

of the client. The public key file of the RSA key must be FTPed/TFTPed to the

server in advance.

CAUTION: When acting as an SSH server, the device cannot FTP the public key of

the client to the server through Secure CRT 4.07.

Follow these steps to configure the RSA public key of the client manually.

Set the SSH user

authentication timeout period

ssh server

authentication-timeout

time-out-value

Optional

60 seconds by default

Set the maximum number of

SSH authentication attempts

ssh server

authentication-retries times

Optional

3 by default

To do... Use the command... Remarks

To do... Use the Command... Remarks

Enter system view system-view -

Enter public key view rsa peer-public-key keyname -

Enter public key editing view public-key-code begin -

Configure the public key of the

client

Enter public key data directly Required

When you enter public

key data, there can be

spaces between

characters, you can also

press Enter to enter data

continuously, and the

configured public key

must be a hexadecimal

string of characters in the

public key format.