3com 8807 User Guide
SSH Terminal Service
■ The server initiates a procedure to authenticate the user. If the server is configured not to authenticate the user, the process proceeds to session request phase directly.
■ The client employs an authentication mode to authenticate the server till the authentication succeeds or the server tears down the connection because of timeout.
SSH provides two authentication modes: password authentication and RSA authentication.
1 Password authentication procedure:
■ The client sends the username and password to the server;
■ The server compares the username and password sent from the client with the local configuration. If it finds an exact match, the authentication succeeds.
2 RSA authentication procedure:
■ The server configures an RSA public key for the client;
■ The client sends its RSA public key modulus to the server;
■ The server checks the validity of the modulus. If the check succeeds, the server generates a random number, encrypts it using the RSA public key from the client, and sends the encrypted information back to the client;
■ Both the server and the client use the random number and the session ID with the length of 16 characters as parameters to calculate the authentication data;
■ The client sends the authentication data it generates to the server;
■ The server compares the authentication data from the client with that locally calculated. If they match, the authentication succeeds.
3 Session request: If the authentication succeeds, the client sends a session request to the server. When the server has successfully processed the request, SSH enters the interactive session phase.
4 Interactive session: The client and the server exchange data till the session is over.
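The RSA authentication procedure in step 2, walked through as an added Python example; it is not code from the 3Com guide or from the switch. It assumes toy textbook RSA keys built from Mersenne primes, SHA-256 as the function that derives the authentication data (the guide names none), and hypothetical names such as `server_challenge` and `login`.

```python
import hashlib
import hmac
import secrets

def make_keypair(p, q, e=65537):
    """Toy textbook RSA (no padding), for illustration only."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def auth_data(number, session_id):
    # Assumption: SHA-256(random number || session ID); the guide names no hash.
    return hashlib.sha256(number.to_bytes(32, "big") + session_id).digest()

def server_challenge(configured, username, modulus):
    """Check the offered modulus, then return (number, encrypted number)."""
    key = configured.get(username)
    if key is None or key[0] != modulus:
        return None                     # no such key configured for this user
    n, e = key
    number = secrets.randbits(128)      # fresh random number per attempt
    return number, pow(number, e, n)    # encrypted with the client's public key

def client_response(private_key, encrypted, session_id):
    n, d = private_key
    # Only the holder of the private key recovers the server's random number.
    return auth_data(pow(encrypted, d, n), session_id)

def server_verify(number, session_id, client_data):
    # Constant-time comparison: do not leak how many bytes matched.
    return hmac.compare_digest(auth_data(number, session_id), client_data)

# Constructed sample values (not real keys or session data).
ALICE_PUB, ALICE_PRIV = make_keypair(2**127 - 1, 2**107 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**89 - 1, 2**61 - 1)
SESSION_ID = b"0123456789abcdef"        # 16 characters, as in the procedure
CONFIGURED = {"alice": ALICE_PUB}       # public key the server holds for the user

def login(username, modulus, private_key, client_session_id=SESSION_ID):
    """Run one exchange; the server always uses its own view of the session ID."""
    pending = server_challenge(CONFIGURED, username, modulus)
    if pending is None:
        return False
    number, encrypted = pending
    data = client_response(private_key, encrypted, client_session_id)
    return server_verify(number, SESSION_ID, data)
```

Because the session ID is mixed into the authentication data, a response computed for one session does not verify in another, and because the random number is fresh per attempt, a captured response cannot be replayed.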
SSH Server Configuration
The following table describes the SSH server configuration tasks.
Table 713 SSH2.0 configuration tasks
Operation                                             Command                                                                                  Description
----------------------------------------------------  ---------------------------------------------------------------------------------------  -------------------------------------------------
Enter system view                                     system-view                                                                              -
Enter user interface view of VTY type                 user-interface vty X X                                                                   -
Set the protocol supported by current user interface  protocol inbound { all | ssh | telnet }                                                  Optional
Return to system view                                 quit                                                                                     -
Generate a local RSA key pair                         rsa local-key-pair create                                                                Required
Destroy a local RSA key pair                          rsa local-key-pair destroy                                                               Optional
Configure the SSH user authentication mode            ssh user username [ authentication-type { password | rsa | password-publickey | all } ]  Required. By default, users are unable to log in.