1-43
# Import the client’s public key file Switch001 and name the public key as Switch001.
[SwitchB] public-key peer Switch001 import sshkey Switch001
# Assign public key Switch001 to user client001
[SwitchB] ssh user client001 assign publickey Switch001
# Export the generated RSA host public key pair to a file named Switch002.
[SwitchB] public-key local export rsa ssh2 Switch002
When first-time authentication is not supported, you must first generate a RSA key pair on the server
and save the key pair in a file named Switch002, and then upload the file to the SSH client through FTP
or TFTP.
z Configure Switch A
# Create a VLAN interface on the switch and assign an IP address, which serves as the SSH client’s
address in an SSH connection.
<SwitchA> system-view
[SwitchA] interface vlan-interface 1
[SwitchA-Vlan-interface1] ip address 10.165.87.137 255.255.255.0
[SwitchA-Vlan-interface1] quit
# Generate a RSA key pair
[SwitchA] public-key local create rsa
# Export the generated RSA key pair to a file named Switch001.
[SwitchA] public-key local export rsa ssh2 Switch001
After generating the key pair, you need to upload the key pair file to the server through FTP or TFTP and
complete the server end configuration before you continue to configure the client.
# Disable first-time authentication on the device.
[SwitchA] undo ssh client first-time
When first-time authentication is not supported, you must first generate a RSA key pair on the server
and save the key pair in a file named Switch002, and then upload the file to the SSH client through FTP
or TFTP. For details, refer to the above part “Configure Switch B”.