Password authentication enabled Stelnet client configuration example

As shown in Figure 125, you can log in to Router B through the Stelnet client running on Router A. Router B acts as the Stelnet server and uses password authentication. The username and password of the client are saved on Router B.

1. Configure the Stelnet server:

   # Generate the RSA key pairs.

   <RouterB> system-view
   [RouterB] public-key local create rsa
   The range of public key size is (512 ~ 2048).
   NOTES: If the key modulus is greater than 512,
   It will take a few minutes.
   Press CTRL+C to abort.
   Input the bits of the modulus[default = 1024]:
   Generating Keys...
   ++++++++
   ++++++++++++++
   +++++
   ++++++++
   

   # Generate a DSA key pair.

   [RouterB] public-key local create dsa 
   The range of public key size is (512 ~ 2048).
   NOTES: If the key modulus is greater than 512,
   It will take a few minutes.
   Press CTRL+C to abort.
   Input the bits of the modulus[default = 1024]:
   Generating Keys...
   ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
   +++++++++++++++++++++++++++++++++++
   

   # Enable the SSH server function.

   [RouterB] ssh server enable
   

   # Configure an IP address for interface Ethernet 1/1. The Stelnet client uses this address as the destination address of the SSH connection.

   [RouterB] interface ethernet 1/1
   [RouterB-Ethernet1/1] ip address 192.168.1.40 255.255.255.0
   [RouterB-Ethernet1/1] quit
   

   # Set the authentication mode for the user interfaces to AAA.

   [RouterB] user-interface vty 0 4
   [RouterB-ui-vty0-4] authentication-mode scheme
   

   # Enable the user interfaces to support SSH.

   [RouterB-ui-vty0-4] protocol inbound ssh
   [RouterB-ui-vty0-4] quit
   

   # Create a local user client001 with the password aabbcc and the service type ssh.

   [RouterB] local-user client001
   [RouterB-luser-client001] password simple aabbcc
   [RouterB-luser-client001] service-type ssh
   [RouterB-luser-client001] quit
   

   # Create an SSH user client001 with the service type stelnet and the authentication method password. (Optional. If an SSH user is not created, password is used by default.)

   [RouterB] ssh user client001 service-type stelnet authentication-type password
   

2. Establish a connection to the Stelnet server:

   # Configure an IP address for interface Ethernet 1/1.

   <RouterA> system-view
   [RouterA] interface ethernet 1/1
   [RouterA-Ethernet1/1] ip address 192.168.1.56 255.255.255.0
   [RouterA-Ethernet1/1] quit
   [RouterA] quit
   

   • If the client supports first-time authentication, you can directly establish a connection from the client to the server.

     # Establish an SSH connection to the Stelnet server 192.168.1.40.

     <RouterA> ssh2 192.168.1.40
     Username: client001
     Trying 192.168.1.40 ...
     Press CTRL+K to abort
     Connected to 192.168.1.40 ...
     
     The Server is not authenticated. Continue? [Y/N]:y
     Do you want to save the server public key? [Y/N]:n
     Enter password:
     

     After you enter the correct password, you can log in to Router B successfully.

   • If the client does not support first-time authentication, perform the following configurations:

     # Disable first-time authentication.

     [RouterA] undo ssh client first-time
     

     # Use the display public-key local dsa public command on the server to display the server's host public key.

     # Enter public key view of the client and copy the host public key of the server to the client.

     [RouterA] public-key peer key1
     [RouterA-pkey-public-key] public-key-code begin
     [RouterA-pkey-key-code]308201B73082012C06072A8648CE3804013082011F0281810
     0D757262C4584C44C211F18BD96E5F0
     [RouterA-pkey-key-code]61C4F0A423F7FE6B6B85B34CEF72CE14A0D3A5222FE08CECE
     65BE6C265854889DC1EDBD13EC8B274
     [RouterA-pkey-key-code]DA9F75BA26CCB987723602787E922BA84421F22C3C89CB9B0
     6FD60FE01941DDD77FE6B12893DA76E
     [RouterA-pkey-key-code]EBC1D128D97F0678D7722B5341C8506F358214B16A2FAC4B3
     68950387811C7DA33021500C773218C
     [RouterA-pkey-key-code]737EC8EE993B4F2DED30F48EDACE915F0281810082269009E
     14EC474BAF2932E69D3B1F18517AD95
     [RouterA-pkey-key-code]94184CCDFCEAE96EC4D5EF93133E84B47093C52B20CD35D02
     492B3959EC6499625BC4FA5082E22C5
     [RouterA-pkey-key-code]B374E16DD00132CE71B020217091AC717B612391C76C1FB2E
     88317C1BD8171D41ECB83E210C03CC9
     [RouterA-pkey-key-code]B32E810561C21621C73D6DAAC028F4B1585DA7F42519718CC
     9B09EEF0381840002818000AF995917
     [RouterA-pkey-key-code]E1E570A3F6B1C2411948B3B4FFA256699B3BF871221CC9C5D
     F257523777D033BEE77FC378145F2AD
     [RouterA-pkey-key-code]D716D7DB9FCABB4ADBF6FB4FDB0CA25C761B308EF53009F71
     01F7C62621216D5A572C379A32AC290
     [RouterA-pkey-key-code]E55B394A217DA38B65B77F0185C8DB8095522D1EF044B465E
     8716261214A5A3B493E866991113B2D
     [RouterA-pkey-key-code]485348
     [RouterA-pkey-key-code] public-key-code end
     [RouterA-pkey-public-key] peer-public-key end
     

     # Specify the host public key for the Stelnet server 192.168.1.40 as key1.

     [RouterA] ssh client authentication server 10.165.87.136 assign publickey key1
     [RouterA] quit
     

     # Establish an SSH connection to SSH server 192.168.1.40.

     <RouterA> ssh2 192.168.1.40
     Username: client001
     Trying 192.168.1.40
     Press CTRL+K to abort
     Connected to 192.168.1.40...
     Enter password: 
     

     After you enter the correct username and password, you can log in to Router B successfully.