Technical data
374 CHAPTER 11: SYSTEM MANAGEMENT
Configuring and Cancelling a Local RSA Key Pair
In executing this command, if you have configured an RSA host key pair, the
system gives an alarm after using this command and prompts that the existing one
will be replaced. The server key pair is created dynamically by the SSH server.
The maximum bit range of both key pairs is 2048 bits and the minimum is 512.
Perform the following configurations in system view.
CAUTION: For a successful SSH login, you must configure and generate the local
RSA key pairs. To generate local key pairs, you need to execute the command
once, with no further action required even after the system is rebooted.
Configuring the Authentication Type
For a new user, you must specify the authentication type or the new user cannot
access the switch.
Perform the following configurations in system view.
If the configuration is the RSA authentication type, then the RSA public key of
client user must be configured on the switch, to perform the 7 and 8 serial
number marked configuration.
By default, no authentication type is specified for a new user, so the user cannot
access the switch.
Defining the Update Interval of the Server Key
Perform the following configurations in system view.
By default, the system does not update the server key.
Tab le 81 Configuring and Cancelling a Local RSA Key Pair
Operation Command
Configure the local RSA key pair rsa local-key-pair create
Cancel local RSA key pair rsa local-key-pair destroy
Tab le 82 Configuring the Authentication Type
Operation Command
Configure authentication type ssh user username authentication-type {
password | rsa | all }
Remove authentication type setting undo ssh user username
authentication-type
Tab le 83 Defining the Update Interval of the Server Key
Operation Command
Define the update interval of the server key ssh server rekey-interval hours