Table 3-2 Configure and destroy RSA key-pairs
Operation Command
Generate RSA key-pairs
rsa local-key-pair create
Destroy the RSA key-pairs
rsa local-key-pair destroy
Caution:
An essential operation underlying a successful SSH login is generating local RSA key-pairs. Before
performing any other SSH configuration tasks, you must generate a local key-pair by configuring the rsa
local-key-pair create command.
It is only necessary for you to execute this command once and you do not have to execute it again after
rebooting the router.
II. Configure Authentication Type for an SSH User
Only SSH users can pass the SSH authentication. There are two SSH authentication
modes: password authentication and RSA authentication. You can use both at the
same time.
When configuring the SSH user, you must set the SSH user’s rights (Administrator,
Operator or Guest) and specify the authentication mode.
Perform the following configuration in system view.
Table 3-3 Configure authentication type for an SSH user
Operation Command
Configure an SSH user
local-user username
service-type ssh
{
administrator
|
operator
|
guest
}
password
{
simple
|
cipher
}
password
Configure an authentication type for
an SSH user
ssh user username
authentication-type
{
password
|
RSA
|
all
}
Remove the authentication type set
for the specified SSH user
undo ssh user username
authentication-type
By default, login authentication type is not specified for users. Login requests are
refused.
Perform this task to set a server key-pair updating interval for securing the SSH
connections to the system.
Perform the following configuration in system view.
Table 3-4 Set server key-pair updating interval
Operation Command
3Com Router Configuration Guide Addendum for V1.20
30