3com 4210 PWR 9-Port 3CR17341-91-ME ユーザーズマニュアル
製品コード
3CR17341-91-ME
Configuring the SSH Server
393
remote server. And the user can use its username and password configured on
the remote server to access the network.
the remote server to access the network.
■
Both publickey and rsa indicate public key authentication. They are
implemented with the same method.
implemented with the same method.
■
Under the publickey authentication mode, the level of commands available to
a logged-in SSH user can be configured using the user privilege level
command on the server, and all the users with this authentication mode will
enjoy this level.
a logged-in SSH user can be configured using the user privilege level
command on the server, and all the users with this authentication mode will
enjoy this level.
■
Under the password or password-publickey authentication mode, the level
of commands available to a logged-in SSH user is determined by the AAA
scheme. Meanwhile, for different users, the available levels of commands are
also different.
of commands available to a logged-in SSH user is determined by the AAA
scheme. Meanwhile, for different users, the available levels of commands are
also different.
■
Under the all authentication mode, the level of commands available to a
logged-in SSH user is determined by the actual authentication method used for
the user.
logged-in SSH user is determined by the actual authentication method used for
the user.
Specifying a Service
Type for an SSH User
c
CAUTION: If the ssh user service-type command is executed with a username
that does not exist, the system will automatically create the SSH user. However,
the user cannot log in unless you specify an authentication type for it.
that does not exist, the system will automatically create the SSH user. However,
the user cannot log in unless you specify an authentication type for it.
Configuring SSH
Management
The SSH server provides a number of management functions that prevent illegal
operations such as malicious password guess, to further guarantee the security of
SSH connections.
operations such as malicious password guess, to further guarantee the security of
SSH connections.
c
CAUTION:
■
You can configure a login header only when the service type is stelnet. For
configuration of service types, see “Specifying a Service Type for an SSH User”.
configuration of service types, see “Specifying a Service Type for an SSH User”.
Table 305 Specify the service type of an SSH user:
Operation
Command
Remarks
Enter system view
system-view
-
Specify a service type for an
SSH user
SSH user
ssh user username
service-type { stelnet | sftp |
all }
service-type { stelnet | sftp |
all }
Required
stelnet by default
Table 306 Configure SSH management
Operation
Command
Description
Enter system view
system-view
-
Set SSH authentication
timeout time
timeout time
ssh server timeout seconds Optional
By default, the timeout time is
60 seconds.
60 seconds.
Set SSH authentication retry
times
times
ssh server
authentication-retries times
authentication-retries times
Optional
By default, the number of
retry times is 3.
retry times is 3.
Configure a login header
header shell text
Optional
By default, no login header is
configured.
configured.