3Com 10014303 Network Router User Manual


 
To set up a secure and authenticated SSH connection, the server and client must go
through the communication procedure that falls into five stages; version negotiation,
key algorithm negotiation, authentication type negotiation, session request, and
session interaction.
3.1 Configuring SSH
The basic configuration of SSH is required for the SSH Client to connect to the SSH
Server (router) successfully. Advanced SSH configurations are optional.
Basic SSH configurations include:
Set the protocol supported by the system and the allowed maximum number of
connections
Configure and destroy the local RSA key-pair
Configure authentication type for an SSH user
Advanced SSH configurations include:
Set the interval for updating server key
Set timeout time in SSH authentication
Set the number of SSH authentication retries
Access the public key view and edit the key
Assign a public key to an SSH user
The default remote login protocol is Telnet, instead of SSH. You must set the remote
login protocol supported by the system to SSH and set the maximum number of the
connections.
Perform the following configuration in system view.
Table 3-1 Set remote login protocol and the maximum number of connections
Operation Command
Set the remote login protocol supported by
the system and the allowed maximum
number of connections
protocol inbound
{
ssh
|
telnet
}
numbers
[
acl acl-number
]
By default, only Telnet is supported (in this case, up to five simultaneous connections
are allowed), SSH login is not supported, and ACL is not used.
Perform this task to generate server and host key-pairs. If there exist RSA key-pairs,
the system will ask if you want to replace the existing keys. The generated key-pairs
are represented by “router name + server” and “router name + host”. A server key-pair
and a host key-pair have a difference of at least 128 bits in size. Both of them have
the same minimum and maximum sizes, i.e., 512 bits and 2048 bits.
Perform the following configuration in system view.
3Com Router Configuration Guide Addendum for V1.20
29