No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR500, AR510, and AR530 V200R007 Commands Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
stelnet

stelnet

Function

The stelnet command enables you to use the STelnet protocol to log in to another device from the current device.

Format

# IPv4 address

stelnet [ -a source-address ] host-ip [ port-number ] [ [ -vpn-instance vpn-instance-name ] | [ identity-key { rsa | ecc } ] | [ user-identity-key { rsa | ecc } ] | [ prefer_kex { dh_group1 | dh_exchange_group } ] | [ prefer_ctos_cipher { 3des | aes128 | aes128-ctr | aes192-ctr | aes256-ctr } ] | [ prefer_stoc_cipher { 3des | aes128 | aes128-ctr | aes192-ctr | aes256-ctr } ] | [ prefer_ctos_hmac { sha1 | sha1_96 | md5 | md5_96 | sha2_256 | sha2_256_96 } ] | [ prefer_stoc_hmac { sha1 | sha1_96 | md5 | md5_96 | sha2_256 | sha2_256_96 } ] ] * [ -ki aliveinterval [ -kc alivecountmax ] ]

# IPv6 address

stelnet ipv6 [ -a source-address ] host-ipv6 [ -oi interface-type interface-number ] [ port-number ] [ [ -vpn6-instance vpn-instance-name ] | [ identity-key { rsa | ecc } ] | [ user-identity-key { rsa | ecc } ] | [ prefer_kex { dh_group1 | dh_exchange_group } ] | [ prefer_ctos_cipher { 3des | aes128 | aes128-ctr | aes192-ctr | aes256-ctr } ] | [ prefer_stoc_cipher { 3des | aes128 | aes128-ctr | aes192-ctr | aes256-ctr } ] | [ prefer_ctos_hmac { sha1 | sha1_96 | md5 | md5_96 | sha2_256 | sha2_256_96 } ] | [ prefer_stoc_hmac { sha1 | sha1_96 | md5 | md5_96 | sha2_256 | sha2_256_96 } ] ] * [ -ki aliveinterval [ -kc alivecountmax ] ]

Parameters

Parameter Description Value
ipv6

Specifies an IPv6 address.

-
-a source-address Specifies the STelnet source IP address. -
host-ip Specifies the IP address or host name of the remote IPv4 STelnet server. The value is a string of 1 to 255 case-insensitive characters without spaces. When double quotation marks are used around the string, spaces are allowed in the string.
host-ipv6 Specifies the IPv6 address or host name of the remote IPv6 STelnet server. The value is a string of 1 to 255 case-insensitive characters without spaces. When double quotation marks are used around the string, spaces are allowed in the string.
-oi interface-type interface-number Specifies the outbound interface on the local device. If the IPv6 address of the remote host is linked to a local address, the outbound interface must be specified.
port-number Specifies the port number that the SSH server is listening on. The value is an integer that ranges from 1 to 65535. The default value 22 is the standard port number.
identity-key Specifies the public key for server authentication. The public key algorithm include RSA and ECC.
user-identity-key Specifies the public key algorithm for the client authentication. The public key algorithm include RSA and ECC.
prefer_kex

Specifies the preferred key exchange algorithm. The dh_group1 and dh_exchange_group algorithms are supported currently.

The default key exchange algorithm is dh_group1.

prefer_ctos_cipher

Specifies the preferred encryption algorithm from the client to the server.

Encryption algorithms 3des, aes128, aes128-ctr, aes192-ctr, and aes256-ctr are supported currently.

The default algorithm is aes128.

prefer_stoc_cipher

Specifies the preferred encryption algorithm from the server to the client.

Encryption algorithms 3des, aes128, aes128-ctr, aes192-ctr, and aes256-ctr are supported currently.

The default algorithm is aes128.

prefer_ctos_hmac

Specifies the preferred HMAC algorithm from the client to the server. The sha2_256, sha2_256_96, sha1, sha1_96, md5, and md5_96 algorithms are supported currently.

The default algorithm is sha1_96.

prefer_stoc_hmac

Specifies the preferred HMAC algorithm from the server to the client. The sha2_256, sha2_256_96, sha1, sha1_96, md5, and md5_96 algorithms are supported currently.

The default algorithm is sha1_96.

-vpn-instance vpn-instance-name Specifies the name of the VPN instance to which the IPv4 server belongs. The value is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.
-vpn6-instance vpn-instance-name Specifies the name of the VPN instance to which the IPv6 server belongs. The value is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.
-ki aliveinterval Specifies the interval for sending keepalive packets when no packet is received. The value is an integer that ranges from 1 to 3600, in seconds.
-kc alivecountmax Specifies the number of times for no reply of keepalive packets. The value is an integer that ranges from 3 to 10. The default value is 5.

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

Logins through Telnet bring security risks because Telnet does not provide any authentication mechanism and data is transmitted using TCP in plain text. Compared with Telnet, SSH guarantees secure file transfer on a traditional insecure network by authenticating clients and encrypting data in bidirectional mode. The SSH protocol supports STelnet. You can run this command to use STelnet to log in to another device from the current device.

STelnet is a secure Telnet service. SSH users can use the STelnet service in the same way as the Telnet service.

When a fault occurs in the connection between the client and server, the client needs to detect the fault in real time and proactively release the connection. You need to set the interval for sending keepalive packets and the maximum number of times on the client that logs in to the server through STelnet.

  • Interval for sending keepalive packets: If a client does not receive any packet within the specified interval, the client sends a keepalive packet to the server.
  • Maximum number of times the server has no response: If the number of times that the server does not respond exceeds the specified value, the client proactively releases the connection.
Precautions
  • Enable the STelnet service on the SSH server by stelnet server enable command, before connecting the SSH server by using the STelnet command.

  • The SSH client can log in to the SSH server with no port specified only when the server is listening on port 22. If the server is listening on another port, the port number must be specified upon login.

  • 3DES, MD5, MD5_96, SHA1, and SHA1_96 encryption algorithm cannot ensure security. sha2_256, sha2_256_96, AES128, AES128-CTR, AES192-CTR or AES256-CTR encryption algorithm is recommended.

Example

# Set keepalive parameters when the client logs in to the server through STelnet.

<Huawei> system-view
[Huawei] stelnet 10.164.39.209 -ki 10 -kc 4
# Remotely connect to the STelnet server that uses an IPv6 address.
<Huawei> system-view
[Huawei] stelnet ipv6 fc00:2001:db8::1 prefer_ctos_cipher aes128
Translation
Download
Updated: 2019-05-29

Document ID: EDOC1000097293

Views: 52768

Downloads: 102

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next