SSH Terminal Services
which compares it with the local authentication data. If the data match, the
user is allowed to access the switch. Otherwise, the authentication process
fails.
■ Session request: The client sends session request messages to the server
which processes the request messages.
■ Interactive session: Both ends exchange data until the session ends.
Session packets are encrypted in transit, and the session key is generated
randomly. The session key exchange is itself encrypted, and RSA authentication
achieves key exchange without transfer over the network. Authentication also
starts even if the username received is not configured on the server, so malicious
intruders cannot tell whether a username they enter exists. This also protects
the username.
Configuring the SSH Server
Basic configuration tasks refer to those required for successful connection
between the SSH client and server. Advanced configuration tasks are those that
modify SSH parameters.
Configuration tasks on the SSH server are described in the following sections:
■ Setting the System Protocol
■ Configuring and Cancelling a Local RSA Key Pair
■ Configuring the Authentication Type
■ Defining the Update Interval of the Server Key
■ Defining the SSH Authentication Timeout Value
■ Defining the SSH Authentication Retry Value
■ Entering the Public Key Edit View and Editing a Public Key
■ Associating a Public Key with an SSH User
Setting the System Protocol
By default, the system only supports the Telnet protocol, so you must specify the
SSH protocol for the system before enabling SSH.
Perform the following configuration in system view.
CAUTION: If the SSH protocol is specified, to ensure a successful login, you must
configure AAA authentication using the authentication-mode scheme command. The
protocol inbound ssh configuration fails if you have configured
authentication-mode password or authentication-mode none. Once the SSH protocol
is configured successfully for the user interface, you can no longer configure
authentication-mode password or authentication-mode none.
Table 80 Setting the System Protocol
Operation                               Command
Set system protocol and link maximum    protocol inbound { all | ssh | telnet }
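The following Python check is an added example, not part of this manual: it audits a saved configuration against the rules above (SSH requires authentication-mode scheme; Telnet is what the system accepts by default). The user-interface stanza layout and SAMPLE_CONFIG are constructed assumptions.

```python
import re

# Constructed sample (not from the manual); stanza layout is an assumption.
SAMPLE_CONFIG = """\
user-interface aux 0
user-interface vty 0
 authentication-mode scheme
 protocol inbound ssh
user-interface vty 1
 authentication-mode password
 protocol inbound ssh
user-interface vty 2
 authentication-mode scheme
 protocol inbound all
user-interface vty 3 4
 authentication-mode scheme
"""

def parse_user_interfaces(text):
    """Return {stanza name: {"auth": mode or None, "proto": value or None}}."""
    stanzas, current = {}, None
    for line in text.splitlines():
        if line.startswith("user-interface "):
            name = line.split(None, 1)[1].strip()
            current = stanzas.setdefault(name, {"auth": None, "proto": None})
        elif current is not None and line.startswith(" "):
            m = re.match(r"\s+(authentication-mode|protocol inbound)\s+(\S+)", line)
            if m:
                key = "auth" if m.group(1) == "authentication-mode" else "proto"
                current[key] = m.group(2)
        else:
            current = None  # left the stanza
    return stanzas

def audit(text):
    """Return (stanza, finding) pairs for vty lines that break the rules."""
    findings = []
    for name, cfg in parse_user_interfaces(text).items():
        if not name.startswith("vty"):
            continue
        proto = cfg["proto"] or "telnet"  # manual: default is Telnet only
        if proto == "ssh" and cfg["auth"] != "scheme":
            findings.append((name, "ssh enabled without authentication-mode scheme"))
        if proto in ("telnet", "all"):
            findings.append((name, "telnet accepted (protocol inbound %s)" % proto))
    return findings

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_CONFIG):
        print(name, "-", finding)
```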