Comware Based

i have question comware5 vs comware7 configurations ssh client authentication

 
hmju
Occasional Advisor

i have question comware5 vs comware7 configurations ssh client authentication

i have question comware5 vs comware7 configurations

I have question.

ㅇ ssh authentication config.
comware5 config : 
1) ssh client authentication server 192.168.15.2 assign publickey 192.168.15.2
1) ssh client authentication server 192.168.111.4 assign publickey 192.168.111.4

comware7 config : 
1) 
1) 


# full config #
public-key peer 192.168.15.2
public-key-code begin
30820122300D06092A864886F70D01010105000382010F003082010A0282010100CB9A2DAA
141DE457F71030D1BAF9F0FB5CE3539325B81BED6DAB342792D98E60311F483559365C0C7F
A08081D183B858DDAF3AE7EF142552BDDEE28BA6C12FA9B1AE90780EC5010203010001
public-key-code end
peer-public-key end
#
public-key peer 192.168.111.4
public-key-code begin
308201B73082012B06072A8648CE3804013082011E02818100CB253C73497A128A9FA03BAD
3574BE1495FB6C498FC5891FBA6E2684545770316DEFCDD3D81D55BC4EEDAD026FFDFB6EEB
E5476AED681DC605AB882693413919922D3CF734FD56BA06C33018C32963A02BA6CAD5CDA7
19E5E81877A3987B0A4BCF73BFC67E6CAEDB74B7510CE2063DFB9661DB4ADD60F4B893D8
public-key-code end
peer-public-key end
#
ssh client authentication server 192.168.15.2 assign publickey 192.168.15.2
ssh client authentication server 192.168.111.4 assign publickey 192.168.111.4

6 REPLIES 6
akg7
HPE Pro

Re: i have question comware5 vs comware7 configurations ssh client authentication

Hello @hmju ,

 

What is device product number 'JXXXXX' for comware 5 and comware 7?

 

Thanks!

Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the companyAccept or Kudo
-Alex-
HPE Pro

Re: i have question comware5 vs comware7 configurations ssh client authentication

Hello  hmju,

use the following command (please note command is in USER view):

ssh2 server [ port-number ] [ vpn-instance vpn-instance-name ]
[ identity-key { dsa | ecdsa-sha2-nistp256 | ecdsa-sha2-nistp384 | rsa |
{ x509v3-ecdsa-sha2-nistp256 | x509v3-ecdsa-sha2-nistp384 } pki-domain
domain-name } | prefer-compress zlib | prefer-ctos-cipher { 3des-cbc |
aes128-cbc | aes128-ctr | aes128-gcm | aes192-ctr | aes256-cbc | aes256-ctr
| aes256-gcm | des-cbc } | prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 |
sha2-256 | sha2-512 } | prefer-kex { dh-group-exchange-sha1 |
dh-group1-sha1 | dh-group14-sha1 | ecdh-sha2-nistp256 |
ecdh-sha2-nistp384 } | prefer-stoc-cipher { 3des-cbc | aes128-cbc |
aes128-ctr | aes128-gcm | aes192-ctr | aes256-cbc | aes256-ctr | aes256-gcm
| des-cbc } | prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 | sha2-256 |
sha2-512 } ] * [ dscp dscp-value | escape character | { public-key keyname |
server-pki-domain domain-name } | source { interface interface-type
interface-number | ip ip-address } ] *

Hope this helps!

I am an HPE Employee

Accept or Kudo

-Alex-
HPE Pro

Re: i have question comware5 vs comware7 configurations ssh client authentication

Hello hmju,

 

You may try the following in user view (please check the proper name of the public key as described in the note below):

<HPE>ssh2 192.168.15.2 public-key 192.168.15.2

<HPE>ssh2 192.168.111.4 public-key 192.168.111.4

Hope this helps!

PS:

public-key keyname: Specifies the host public key of the server that the client uses to
authenticate the server. The keyname argument is a case-insensitive string of 1 to 64 characters.

I am an HPE Employee

Accept or Kudo

hmju
Occasional Advisor

Re: i have question comware5 vs comware7 configurations ssh client authentication

comwware5 : HP A10508 Switch Chassis JC612A
comware7 : HP A10508 Switch Chassis JC612A

same device different module(comware5, comware7)

hmju
Occasional Advisor

Re: i have question comware5 vs comware7 configurations ssh client authentication

I don't understand.

comware 5 switch 
display current-configuration

 ssh client authentication server 192.168.15.2 assign publickey 192.168.15.2
 ssh client authentication server 192.168.111.4 assign publickey 192.168.111.4

I want to this config Migration to comware7.
please let me know.

akg7
HPE Pro

Re: i have question comware5 vs comware7 configurations ssh client authentication

Hello @hmju ,

 

I apologies for delayed response.

Agreed with @-Alex- ,the commands he has shared.

These seems to be the replacement in comware 5 into comware 7.

<HPE>ssh2 192.168.15.2 public-key 192.168.15.2

<HPE>ssh2 192.168.111.4 public-key 192.168.111.4

You can refer pg. 387 from config guide into below link:

https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=c04770620

 

Thanks!

Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the companyAccept or Kudo