3com S7906E Installation Instruction

Task 
Remarks 
Required for publickey authentication users and 
optional for password authentication users 
Optional 
Optional 
 
Generating a DSA or RSA Key Pair 
The DSA or RSA key pair is used to generate the session ID in the key and algorithm negotiation 
stage, and the client uses it to authenticate the server. 
Follow these steps to generate a DSA or RSA key pair on the SSH server: 
To do…                                   Use the command…                    Remarks
Enter system view                        system-view                         —
Generate the local DSA or RSA key pair   public-key local create dsa | rsa   Required. By default, there is neither DSA key pair nor RSA key pair.
 
 
For details about the public-key local create command, refer to Public Key Commands in the 
Security Volume.

To ensure that all SSH clients can log in to the SSH server successfully, it is recommended that 
you generate both DSA and RSA key pairs on the SSH server. Different SSH clients may use 
different publickey algorithms, though a single client usually uses only one type of publickey 
algorithm. 

The public-key local create rsa command generates two RSA key pairs: a server key pair and a 
host key pair. Each key pair consists of a public key and a private key. In SSH1, the public key 
of the SSH server's server key pair is used to encrypt the session key so that it can be 
transmitted securely. SSH2 uses the DH algorithm to generate the session key on the SSH server 
and on the client separately, so no session key is transmitted in SSH2 and the server key pair 
is not used. 

The length of the modulus of RSA server keys and host keys must be in the range 512 to 2048 bits. 
Some SSH2 clients require that the length of the key modulus be at least 768 bits on the SSH 
server side. 

The public-key local create dsa command generates only the host key pair. SSH1 does not 
support the DSA algorithm. 

The length of the modulus of DSA host keys must be in the range 512 to 2048 bits. Some SSH2 
clients require that the length of the key modulus be at least 768 bits on the SSH server side. 
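
The modulus lengths stated above can be verified from the management side once the key pairs exist. The following is an added example, not part of the 3Com manual: it parses a host public key line in OpenSSH format (the format ssh-keyscan prints) and classifies the modulus length against the 512 to 2048 bit range and the 768-bit client minimum. The function names, status strings and sample key lines are constructed for illustration.

```python
import base64
import struct
MIN_BITS, MAX_BITS = 512, 2048  # modulus range the manual gives for RSA and DSA keys
CLIENT_MIN_BITS = 768           # minimum that some SSH2 clients require, per the manual

def fields(blob):
    """Split an RFC 4253 public key blob into its length-prefixed fields."""
    out, pos = [], 0
    while pos < len(blob):
        if pos + 4 > len(blob):
            raise ValueError("truncated length prefix")
        (size,) = struct.unpack(">I", blob[pos:pos + 4])
        pos += 4
        if pos + size > len(blob):
            raise ValueError("truncated field")
        out.append(blob[pos:pos + size])
        pos += size
    return out

def modulus_bits(line):
    """Return (algorithm, modulus bits) for 'ssh-rsa AAAA...' or 'host ssh-rsa AAAA...'."""
    parts = line.split()
    alg = next((p for p in parts if p in ("ssh-rsa", "ssh-dss")), None)
    if alg is None or parts.index(alg) + 1 >= len(parts):
        raise ValueError("no ssh-rsa or ssh-dss key found")
    f = fields(base64.b64decode(parts[parts.index(alg) + 1]))
    # Field layout: ssh-rsa = name, e, n; ssh-dss = name, p, q, g, y
    if len(f) != (3 if alg == "ssh-rsa" else 5) or f[0] != alg.encode():
        raise ValueError("malformed key blob")
    modulus = f[2] if alg == "ssh-rsa" else f[1]
    return alg, int.from_bytes(modulus, "big").bit_length()

def check(line):
    """Classify a host key against the lengths stated in the manual."""
    bits = modulus_bits(line)[1]
    if not MIN_BITS <= bits <= MAX_BITS:
        return "out-of-range"
    return "ok" if bits >= CLIENT_MIN_BITS else "below-client-minimum"

def mpint(x):
    raw = x.to_bytes(x.bit_length() // 8 + 1, "big")  # sized so the sign bit stays clear
    return struct.pack(">I", len(raw)) + raw

def sample_line(alg, bits):
    """Constructed key line with a modulus of the given size; not a usable key."""
    m = (1 << (bits - 1)) | 1
    nums = [65537, m] if alg == "ssh-rsa" else [m, 3, 2, 5]
    blob = struct.pack(">I", len(alg)) + alg.encode() + b"".join(mpint(n) for n in nums)
    return alg + " " + base64.b64encode(blob).decode()
```

A result of below-client-minimum corresponds to a key the switch accepts but that some SSH2 clients reject, as noted above.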
 
Enabling SSH Server 
Follow these steps to enable SSH server: