HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

HP A5800 SSH & Telnet Login fails

 
burkhardtgmbh
Occasional Visitor

HP A5800 SSH & Telnet Login fails

Hi,

 

we can't access our A5800 over SSH or Telnet. If we try access over ssh i always get "access denied" after using the web-interface user. If i try to connect over telnet with putty after clicking open, i can see the black console windows for a very short time, then it is closing itself.

 

I'm a beginner on Comware Switches. If it is helpful for you, this is the part in my actual config:

 

ssh server enable
#
 load xml-configuration
#
 load tr069-configuration
#
user-interface aux 0 1
user-interface vty 0 15
 authentication-mode scheme
 protocol inbound ssh

3 REPLIES
TerjeAFK
Respected Contributor

Re: HP A5800 SSH & Telnet Login fails

Try the following config, it works on our 5900 switches:

 

 

line aux 0
 terminal type vt100
 user-role network-admin
 idle-timeout 15 0
#

line vty 0 15
 terminal type vt100
 authentication-mode scheme
 user-role network-admin
 user-role privilege
 protocol inbound ssh
 idle-timeout 0 0

#

 

sdide
Respected Contributor

Re: HP A5800 SSH & Telnet Login fails

Hi,

What is your "scheme"?

You do:

user-interface vty 0 15
 authentication-mode scheme

 

But you do not tell us what scheme you use?

 

To test the telnet part only i recommend, that you use

user-interface vty 0 15

  authentication-mode password

  set authentication password simple <password>

  protocol inbound both

 

Try and login with telnet. You should be prompted for the password.

 

If you want to try ssh, you need to create a user with a password, and then set

 

 

domain system

 authentication login local

default domain system enable

 

and

user-interface vty 0 15

  authentication-mode scheme

 

 

Regards

 

 

 

Søren Dideriksen, Network Administrator
Region Midtjylland
VoIP-Buddy
HPE Pro

Re: HP A5800 SSH & Telnet Login fails

There are a couple more things you are missing...

 

For SSH:

- Make sure you generated the public-key pairs... in system mode, use the public-key local-key command to generate RSA, DSA, or both, key pairs.

- You also need to tell ssh who the ssh user is...

ssh user ssh service-type all authentication-type password

- Your vty setup is fine.  You don't need anything else

 

For Telnet:

- Telnet server enable

 

The users should be set up something like this, depending on what you want to do...

 

local-user admin
password simple <whatever password you like>
authorization-attribute level 3
service-type telnet
service-type ftp


local-user sshuser
password simple <whatever password you like>
authorization-attribute level 3
service-type ssh
service-type ftp

 

The local users can be whatever you'd like.  The authorization level sets user privilege.  Set that as you see fit.

 

If you are going to use FTP, don't forget to do the ftp server enable command as well.

 

Regards,

David