3com 5500G ユーザーズマニュアル

Figure 90   Network diagram for configuring the switch to act as the SSH server and use 
RSA authentication

 

In scenarios where users log into a switch over an insecure network, SSH can be 
used to ensure the security of data exchange to the maximum extent. As shown in 
Figure 90, establish an SSH connection between the host (SSH client) and the 
switch (SSH server) for secure data exchange. The host runs SSH2 client software. 
RSA authentication is required.

■

Configure the SSH server

# Create a VLAN interface on the switch and assign an IP address for it. The SSH 
client will use this address as the destination for SSH connection.

<3Com> system-view

[3Com] interface vlan-interface 1

[3Com-Vlan-interface1] ip address 192.168.0.1 255.255.255.0

[3Com-Vlan-interface1] quit 

# Generate an RSA key pair.

[3Com] rsa local-key-pair create 

# Set the authentication mode for the user interfaces to AAA.

[3Com] user-interface vty 0 4

[3Com-ui-vty0-4] authentication-mode scheme 

# Enable the user interfaces to support SSH.

[3Com-ui-vty0-4] protocol inbound ssh 

# Set the client’s command privilege level to 3.

Host

Switch

192.168.0.2/24

Vlan -int1

192 .168 .0.1/24

Switch 5500

Release V03.02.04 

All versions

Switch 5500G

Release V03.02.04 

All versions

Switch 4500

Release V03.03.00 

All versions

Switch 4210

Release V03.01.00 

All versions