Follow these steps to enable the device to support first-time authentication:

To do…

Use the command…

Remarks

Enter system view

system-view

 

 

 

Enable the device to support

 

Optional

ssh client first-time enable

By default, the client is enabled

first-time authentication

 

to run initial authentication.

 

 

 

 

 

Follow these steps to disable first-time authentication support:

 

To do…

 

Use the command…

 

Remarks

 

Enter system view

 

system-view

 

 

 

 

 

 

 

 

Disable first-time authentication

 

 

 

Required

 

 

undo ssh client first-time

 

By default, the client is enabled

 

support

 

 

 

to run first-time authentication.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Required

 

Configure server public key

 

Refer to Configuring the Client

 

The method of configuring

 

 

 

server public key on the client is

 

 

Public Key on the Server

 

 

 

 

 

similar to that of configuring

 

 

 

 

 

 

 

 

 

 

client public key on the server.

 

 

 

 

 

 

 

Specify the host key name of

 

ssh client { server-ip

 

 

 

 

server-name } assign

 

Required

 

the server

 

{ publickey rsa-key }

 

 

 

 

 

 

 

 

keyname

 

 

 

 

 

 

 

 

Establish the connection between the SSH client and server

The client’s method of establishing an SSH connection to the SSH server varies with authentication types. See the table below for details.

Follow these steps to establish an SSH connection:

 

To do…

 

Use the command…

Remarks

 

Enter system view

 

system-view

 

 

 

 

 

 

 

 

 

Required

 

 

 

ssh2 { host-ip host-name }

In this command, you can also

 

 

 

specify the preferred key

 

 

 

[ port-num] [ identity-key { dsa

 

 

 

rsa } prefer_kex

exchange algorithm, encryption

 

 

 

algorithms and HMAC

 

 

 

{ dh_group1

 

 

 

algorithms between the server

 

 

 

dh_exchange_group }

 

Start the client to establish a

 

and client.

 

 

prefer_ctos_cipher { des

 

 

 

 

connection with an SSH server

 

aes128 } prefer_stoc_cipher

HMAC: Hash-based message

 

 

 

{ des aes128 }

authentication code

 

 

 

prefer_ctos_hmac { sha1

Note that:

 

 

 

sha1_96 md5 md5_96 }

 

 

 

The identity-keykeyword is

 

 

 

prefer_stoc_hmac { sha1

 

 

 

unnecessary in password

 

 

sha1_96 md5 md5_96 } ] *

 

 

authentication and optional in

 

 

 

 

 

 

 

 

public key authentication.

 

 

 

 

 

1-20

Page 517
Image 517
3Com WX3000 operation manual Establish the connection between the SSH client and server