329
* no decompiling or reverse-engineering shall be allowed. *
******************************************************************************
<SwitchB>
After you enter the correct password, you can log in to Switch B successfully. The server's host
public key is saved on the client. At the next connection attempt, the system will not notify you
to authenticate the server.
Publickey authentication enabled Stelnet client configuration
example
Network requirements
As shown in
•
You can log in to Switch B through the Stelnet client that runs on Switch A.
•
After login, you are assigned the user role network-admin for configuration management.
•
Switch B acts as the Stelnet server and uses publickey authentication and the DSA public key
algorithm.
Figure 97
Network diagram
Configuration procedure
In the server configuration, the client public key is required. Use the client software to generate a DSA key
pair on the client before configuring the Stelnet server.
1.
Configure the Stelnet client:
# Assign an IP address to VLAN-interface 2.
<SwitchA> system-view
[SwitchA] interface vlan-interface 2
[SwitchA-Vlan-interface2] ip address 192.168.1.56 255.255.255.0
[SwitchA-Vlan-interface2] quit
# Generate a DSA key pair.
[SwitchA] public-key local create dsa
The range of public key size is (512 ~ 2048).
If the key modulus is greater than 512, it will take a few minutes.
Press CTRL+C to abort.
Input the modulus length [default = 1024]:
Generating Keys...
.++++++++++++++++++++++++++++++++++++++++++++++++++*
........+......+.....+......................................+
...+.................+..........+...+
Create the key pair successfully.
# Export the DSA host public key to file
key.pub
.