No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fit AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
stelnet

stelnet

Function

The stelnet command enables you to use the STelnet protocol to log in to another device from the current device.

Format

# IPv4 address

stelnet [ -a source-address ] host-ip [ port-number ] [ [ prefer_kex prefer_key-exchange ] | [ prefer_ctos_cipher prefer_ctos_cipher ] | [ prefer_stoc_cipher prefer_stoc_cipher ] | [ prefer_ctos_hmac prefer_ctos_hmac ] | [ prefer_stoc_hmac prefer_stoc_hmac ] ] * [ -ki aliveinterval [ -kc alivecountmax ] ]

# IPv6 address

stelnet ipv6 [ -a source-address ] host-ipv6 [ -oi interface-type interface-number ] [ port-number ] [ [ prefer_kex prefer_key-exchange ] | [ prefer_ctos_cipher prefer_ctos_cipher ] | [ prefer_stoc_cipher prefer_stoc_cipher ] | [ prefer_ctos_hmac prefer_ctos_hmac ] | [ prefer_stoc_hmac prefer_stoc_hmac ] ] * [ -ki aliveinterval [ -kc alivecountmax ] ]

Parameters

Parameter Description Value
-a source-address Specifies the STelnet source IP address.

IPv4: The value is in dotted decimal notation.

IPv6: The value is a 32-digit hexadecimal number, in the X:X:X:X:X:X:X:X format.

host-ip Specifies the IP address or host name of the remote IPv4 STelnet server.

The value is a string of 1 to 255 case-insensitive characters without spaces.

host-ipv6 Specifies the IPv6 address or host name of the remote IPv6 STelnet server.

The value is a string of 1 to 255 case-insensitive characters without spaces.

-oi interface-type interface-number Specifies the outbound interface on the local device.

If the IPv6 address of the remote host is linked to a local address, the outbound interface must be specified.

port-number Specifies the port number that the SSH server is listening on.

The value is an integer that ranges from 1 to 65535. The default value 22 is the standard port number.

identity-key Specifies the public key for server authentication.

The public key algorithm includes rsa and ecc.

NOTE:
To improve security, it is not recommended that you use RSA as the authentication algorithm.
user-identity-key Specifies the public key algorithm for the client authentication.

The public key algorithm includes rsa and ecc.

NOTE:
To improve security, it is not recommended that you use RSA as the authentication algorithm.
prefer_kex prefer_key-exchange Specifies the preferred key exchange algorithm.

The dh_group1, dh_exchange_group, and dh_group14_sha1 algorithms are supported currently. The default key exchange algorithm is dh_group14_sha1.

NOTE:

The dh_exchange_group algorithm is recommended.

  • If a key exchange algorithm list has been configured using the ssh client key-exchange command for the SSH client, select a key exchange algorithm from the list.
  • If no key exchange algorithm list has been configured using the ssh client key-exchange command for the SSH client, select one from dh_group1, dh_exchange_group, dh_group14_sha1.
prefer_ctos_cipher prefer_ctos_cipher Specifies the preferred encryption algorithm from the client to the server.

The 3des, aes256_cbc, aes128_ctr, aes256_ctr, and aes128 algorithms are supported currently. The default algorithm are aes256_ctr and aes128.

NOTE:
  • If an encryption algorithm list has been configured using the ssh client secure-algorithms cipher command for the SSH client, select an encryption algorithm from the list.
  • If no encryption algorithm list has been configured using the ssh client secure-algorithms cipher command for the SSH client, select one from 3des, aes128, aes256_cbc, aes128_ctr, and aes256_ctr.
prefer_stoc_cipher prefer_stoc_cipher Specifies the preferred encryption algorithm from the server to the client.

The 3des, aes256_cbc, aes128_ctr, aes256_ctr, and aes128 algorithms are supported currently. The default algorithm are aes256_ctr and aes128.

NOTE:
  • If an encryption algorithm list has been configured using the ssh client secure-algorithms cipher command for the SSH client, select an encryption algorithm from the list.
  • If no encryption algorithm list has been configured using the ssh client secure-algorithms cipher command for the SSH client, select one from 3des, aes128, aes256_cbc, aes128_ctr, and aes256_ctr.
prefer_ctos_hmac prefer_ctos_hmac Specifies the preferred HMAC algorithm from the client to the server.

The sha1, sha1_96, md5, sha2_256, sha2_256_96, and md5_96 algorithms are supported currently. The default algorithm is sha2_256.

NOTE:
  • If an HMAC algorithm list has been configured using the ssh client secure-algorithms hmac command for the SSH client, select an HMAC algorithm from the list.
  • If no HMAC algorithm list has been configured using the ssh client secure-algorithms hmac command for the SSH client, select one from sha1, sha1_96, md5, md5_96, sha2_256, and sha2_256_96.
prefer_stoc_hmac prefer_stoc_hmac Specifies the preferred HMAC algorithm from the server to the client.

The sha1, sha1_96, md5, sha2_256, sha2_256_96, and md5_96 algorithms are supported currently. The default algorithm is sha2_256.

NOTE:
  • If an HMAC algorithm list has been configured using the ssh client secure-algorithms hmac command for the SSH client, select an HMAC algorithm from the list.
  • If no HMAC algorithm list has been configured using the ssh client secure-algorithms hmac command for the SSH client, select one from sha1, sha1_96, md5, md5_96, sha2_256, and sha2_256_96.
-ki aliveinterval Specifies the interval for sending keepalive packets when no packet is received.

The value is an integer that ranges from 1 to 3600, in seconds.

-kc alivecountmax Specifies the number of times for no reply of keepalive packets.

The value is an integer that ranges from 3 to 10. The default value is 5.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Logins through Telnet bring security risks because Telnet does not provide any authentication mechanism and data is transmitted using TCP in plain text. Compared with Telnet, SSH guarantees secure file transfer on a traditional insecure network by authenticating clients and encrypting data in bidirectional mode. The SSH protocol supports STelnet. You can run this command to use STelnet to log in to another device from the current device.

STelnet is a secure Telnet service. SSH users can use the STelnet service in the same way as the Telnet service.

When a fault occurs in the connection between the client and server, the client needs to detect the fault in real time and proactively release the connection. You need to set the interval for sending keepalive packets and the maximum number of times on the client that logs in to the server through STelnet.

  • Interval for sending keepalive packets: If a client does not receive any packet within the specified interval, the client sends a keepalive packet to the server.
  • Maximum number of times the server has no response: If the number of times that the server does not respond exceeds the specified value, the client proactively releases the connection.
Precautions
  • The SSH client can log in to the SSH server with no port specified only when the server is listening on port 22. If the server is listening on another port, the port number must be specified upon login.

  • To improve data transmission security, AES128 or a more secure algorithm is recommended.

Example

# Set keepalive parameters when the client logs in to the server through STelnet.

<Huawei> system-view
[Huawei] stelnet 10.164.39.209 -ki 10 -kc 4
# Remotely connect to the STelnet server that uses an IPv6 address.
<Huawei> system-view
[Huawei] stelnet ipv6 fe80::100 prefer_ctos_cipher aes128
Related Topics
Translation
Download
Updated: 2019-07-18

Document ID: EDOC1100064353

Views: 127515

Downloads: 98

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next