SupportDocumentationWLANAPAirEngine 5700&6700&8700&9700DReference GuidesCommand Reference

WLAN AP AirEngine X700 V600R024C00 MD-CLI Configuration Reference

Configuring an SSH Server

Configuring an SSH Server

Configuring the SSH Server Function and Related Parameters

Context

This section describes how to configure the SSH server function and parameters, including generating the local key pair of the server, enabling the SSH server function, and setting server parameters, such as the port number, listening interface, and PKI realm.

For details about configuration parameters, see huawei-sshs.yang.

To ensure that the SSH algorithm negotiation is successful, the SSH client must support the key exchange algorithm, encryption algorithm, public key algorithm, and HMAC algorithm configured on the SSH server.

The SSH server does not support SSH1.X.

After the SSH service is disabled or the SSH server configuration is modified, the established connection is not torn down and the new configuration takes effect upon the next login.

Procedure

  1. Enter the edit-config mode.

    edit-config

  2. Enable the SSH server function.

    1. Enter the server enabling view.
      sshs server-enable
    2. Enable the SSH server function.
      stelnet-ipv4-enable enable

      By default, the STelnet service is disabled. The STelnet service is enabled by default in factory settings.

    3. Enable the SFTP server function.
      sftp-ipv4-enable enable

      By default, the SFTP service is disabled. The SFTP service is enabled by default in factory settings. After logging in to the server, the client is in the /sftp directory by default and can access subdirectories of the /sftp directory. In addition, the client can switch to the /home directory and its subdirectories. Only one session is supported. Only the read operation is supported, and the write operation is not supported.

  3. Configure the port number of the SSH server.

    1. Enter the port view.
      sshs server-port
    2. Set the server port.
      ipv4-port-number number

      By default, the port number of an SSH server is 22.

  4. Set the source interface of the SSH server.

    sshs ipv4-server-sources ipv4-server-source src-interface src-interface

    By default, the source interface of the SSH server is VLANIF 1.

  5. Configure a PKI realm.

    sshs server 
pki-domain pki-domain

    When the SSH server performs PKI certificate authentication with an SSH client, the identity certificate of the server is obtained from the PKI realm.

  6. Commit the configuration.

    commit

Configuring an SSH User

Context

Configuring an SSH user includes creating an SSH user and configuring a PKI realm for the SSH user.

Procedure

  1. Enter the editing view.

    edit-config

  2. Create an SSH user.

    sshs users user  name  user-name

  3. Configure a PKI realm for the SSH user.

    pub-key-type PKI key-name key-name

    pub-key-type specifies the public key type. Currently, only PKI is supported. key-name specifies the name of the PKI realm bound to the user.

  4. Commit the configuration.

    commit

Translation
Favorite
Download
Update Date:2024-10-17
Document ID:EDOC1100411635
Views:14797
Downloads:159
Average rating:0.0Points

Related Documents

Digital Signature File

digtal sigature tool