No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FAQ-How to Configure the NE80E Serving as the SSH Server So That Users Can Access the Server Through PCs and Other Network Devices

Publication Date:  2012-07-27 Views:  34 Downloads:  0
Issue Description
Q:
At a site, it is required to use the NE80E as the SSH server, which should be accessible to the PCs and other network devices that work as SSH clients. How should the NE80E be configured to meet such requirements? 
 
Alarm Information
Null
Handling Process
A:
1. Do as follows to configure the NE80E as the SSH server:
a. Run the rsa local-key-pair create command in the system view. An RSA local key pair is generated.
b. Run the following commands in the AAA view:
aaa
local-user huawei password simple huawei
local-user huawei service-type ssh
local-user huawei level 3
c. Run the following commands in the system view:
ssh user huawei
ssh user huawei authentication-typ password
ssh user huawei service-type stelnet //Set service-type to STelnet for the user whether the user accesses the NE80E through a PC or a router.
d. Run the stelnet server enable command in the system view. //Enable STelnet on the server.
e. Run the ssh client first-time enable command in the system view. //Enable first-time authentication. The first-time authentication is to tell the user that this is the first time that he or she has accessed the server and request the user to confirm whether the server is the one he or she really wants to access.
f. Run the user-interface vty 0 4 command. Then run the other two commands as follows to complete the configuration:
user-interface vty 0 4
authentication-mode aaa
protocol inbound all //Permit both Telnet and SSH.
2. Do as follows to configure the client:
Run the ssh client first-time enable command in the system view. //Enable first-time authentication. The first-time authentication is to tell the user that this is the first time that he or she has accessed the server and request the user to confirm whether the server is the one he or she really wants to access.
3. When a PC is used as the client, SSH connection is applicable. PuTTY is recommended for use.
4. Example: When accessing the NE80E through STelnet from a router of Huawei, run the stelnet x.x.x.x command in the system view.
The following is an example for accessing the said NE80E through STelnet from another NE80E:
[NE80E-214]stelnet 127.0.0.1
Please input the username:8090
Trying 127.0.0.1 ...
Press CTRL+K to abort
Connected to 127.0.0.1 ...
The server is not authenticated. Continue to access it? [Y/N] :y
Save the server’s public key? [Y/N] :y
The keyname:127.0.0.1 already exists. Update it? [Y/N]: y
Enter password:
*********************************************************
* All rights reserved (2000-2008) *
* Without the owner’s prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
* Notice: *
* This is a private communication system. *
* Unauthorized access or use may lead to prosecution. *
*********************************************************
Info: The max number of VTY users is 20, and the number
of current VTY users on line is 2.
<NE80E-214> 
 
Root Cause
Null
Suggestions
Null

END