210
authentication result. The device supports using the publickey algorithms RSA and DSA for digital
signature.
The following gives the steps of the authentication stage:
1.
The client sends the server an authentication request that includes the username, authentication
method (password authentication or publickey authentication), and information related to the
authentication method (for example, the password in the case of password authentication).
2.
The server authenticates the client. If the authentication fails, the server sends the client a message
to inform the client of the failure and the methods available for re-authentication.
3.
The client selects a method from the list to initiate another authentication.
4.
The process repeats until the authentication succeeds, or the number of failed authentication
attempts exceeds the maximum of authentication attempts and the session is torn down.
NOTE:
In addition to password authentication and publickey authentication, SSH2.0 also provides the
following authentication methods:
password-publickey
—Performs both password authentication and publickey authentication if the client is using
SSH2.0 and performs either if the client is running SSH1.
any
—Performs either password authentication or publickey authentication.
Session request
After passing authentication, the client sends a session request to the server, and the server listens to and
processes the request from the client. After successfully processing the request, the server sends an
SSH_SMSG_SUCCESS packet to the client and goes on to the interaction stage with the client. Otherwise,
the server sends an SSH_SMSG_FAILURE packet to the client to indicate that the processing has failed or
it cannot resolve the request.
Interaction
In this stage, the server and the client exchanges data in the following way:
The client encrypts and sends the command to be executed to the server.
The server decrypts and executes the command, and then encrypts and sends the result to the client.
The client decrypts and displays the result on the terminal.
NOTE:
In the interaction stage, you can execute commands from the client by pasting the commands in text format—the
text must be within 2000 bytes. The commands should be in the same view. Otherwise, the server might not be
able to perform the commands correctly.
If the command text exceeds 2000 bytes, you can execute the commands by saving the text as a configuration
file, uploading the configuration file to the server through Secure FTP (SFTP), and then using the configuration file
to restart the server.
Configuring the device as an SSH server
SSH server configuration task list
Complete the following tasks to configure an SSH server: