9 Telnet and SSH
Quidway NetEngine20/20E
Configuration Guide - Basic Configurations
9-12
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Issue 05 (2010-01-30)
peer-public-key end
Quit the public key view and return to the system view.
7.
Run:
ssh user
user-name
assign rsa-key
key-name
The public key is assigned to the SSH users.
----End
z
After the public key editing view is displayed, the RSA public key generated on the client software
can be sent to the server. Copy the RSA public key to the router that serves as the SSH server.
z
Before the peer RSA public key is assigned to the SSH client, the SSH server must be configured
and the peer RSA public key must be the RSA public key of the SSH client.
9.3.6 Configuring the Basic Authentication Information for SSH
Users
Do as follows on the login router:
Step 1
Run:
system-view
The system view is displayed.
Step 2
Run:
ssh server rekey-interval
hours
The interval for updating the server key pair is configured.
Step 3
Run:
ssh server timeout
seconds
The timeout period of the SSH authentication is set.
Step 4
Run:
ssh server authentication-retries
times
The number of retry times of the SSH authentication is set.
----End
9.3.7 Authorizing SSH Users Through the Command Line
The SSH client can be authenticated through four modes: password, rsa, password-rsa, and all. For the
configuration of the command line authorization in password mode, refer to the chapter "AAA and User
Management" in the
Quidway NetEngine20/20E Series Routers Configuration Guide - Security
. This
section describes how to configure the command line authorization in RSA mode.
Do as follows on the login router:
Step 1
Run: