[SwitchB-Vlan-interface1] quit
Generating the RSA key pair on the server is prerequisite to SSH login.
# Generate RSA key pair.
[SwitchB] public-key local create rsa
# Set the authentication mode for the user interfaces to AAA.
[SwitchB] user-interface vty 0 4
[SwitchB-ui-vty0-4] authentication-mode scheme
# Enable the user interfaces to support SSH.
[SwitchB-ui-vty0-4] protocol inbound ssh
# Set the user command privilege level to 3.
[SwitchB-ui-vty0-4] user privilege level 3
[SwitchB-ui-vty0-4] quit
# Specify the authentication type of user client001 as publickey.
[SwitchB] ssh user client001 authentication-type publickey
Before doing the following steps, you must first generate a RSA public key pair on the client and save
the key pair in a file named Switch001, and then upload the file to the SSH server through FTP or TFTP.
For details, refer to “Configure Switch A”.
# Import the client public key pair named Switch001 from the file Switch001.
[SwitchB] public-key peer Switch001 import sshkey Switch001
# Assign the public key Switch001 to user client001.
[SwitchB] ssh user client001 assign publickey Switch001
z
Configure Switch A
# Create a VLAN interface on the switch and assign an IP address, which serves as the SSH client’s
address in an SSH connection.
<SwitchA> system-view
[SwitchA] interface vlan-interface 1
[SwitchA-Vlan-interface1] ip address 10.165.87.137 255.255.255.0
[SwitchA-Vlan-interface1] quit
# Generate a RSA key pair
[SwitchA] public-key local create rsa
# Export the generated RSA key pair to a file named Switch001.
[SwitchA] public-key local export rsa ssh2 Switch001