EasyManuals Logo
Home>HP>Switch>3600 v2 Series

HP 3600 v2 Series Security Configuration Guide

HP 3600 v2 Series
398 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #287 background imageLoading...
Page #287 background image
276
To do… Use the command…
Remarks
Generate a DSA or RSA key pair public-key local create { dsa | rsa }
Required
By default, neither DSA key pair
nor RSA key pair exists.
NOTE:
• For more information about the public-key local create command, see
Security Command Reference
.
• To support SSH clients that use different types of key pairs,
g
enerate both DSA and RSA key pairs on the
SSH server.
• The public-key local create rsa command generates a server RSA key pair and a host RSA key pair.
Each of the key pairs consists of a public key and a private key. The public key in the server key pair of
the SSH server is used in SSH1 to encrypt the session key for secure transmission of the key. As SSH2.0
uses the DH algorithm to generate the session key on the SSH server and client respectively, no session
key transmission is required in SSH2.0 and the server key pair is not used.
• The length of the modulus of RSA server keys and host keys must be in the range of 512 to 2048 bits.
Some SSH2.0 clients require that the length of the key modulus be at least 768 bits on the SSH server
side.
• The public-key local create dsa command
g
enerates only the host key pair. SSH1 does not support the
DSA algorithm.
• The length of the modulus of DSA host keys must be in the range of 512 to 2048 bits. Some SSH2.0
clients require that the length of the key modulus be at least 768 bits on the SSH server side.
Enabling the SSH server function
Follow these steps to enable the SSH server function:
To do… Use the command…
Remarks
Enter system view system-view —
Enable the SSH server function ssh server enable
Required
Disabled by default
Configuring the user interfaces for SSH clients
An SSH client accesses the switch through a VTY user interface. You must configure the user interfaces for
SSH clients to allow SSH login. The configuration takes effect only for clients that log in after the
configuration.
Follow these steps to configure the protocols for a user interface to support:
To do… Use the command…
Remarks
Enter system view system-view —
Enter user interface view of one or
more user interfaces
user-interface vty number
[ ending-number ]
—
Set the login authentication mode
to scheme
authentication-mode scheme
Required
By default, the authentication
mode is password.

Table of Contents

Other manuals for HP 3600 v2 Series

Preview: Command Reference
Command Reference479 pages
Preview: Installation Guide
Installation Guide62 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual51 pages
Preview: Configuration Guide
Configuration Guide449 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 3600 v2 Series and is the answer not in the manual?

HP 3600 v2 Series Specifications

General IconGeneral
BrandHP
Model3600 v2 Series
CategorySwitch
LanguageEnglish

Related product manuals