Comware

Hi,

I want to configure SSH Key based Authentication on HPE-5510 / HP-1950 and Aruba-2530

Can anyone guide me how to configure the same 

Manish

For HPE 5510 (Comware OS)

# Enter system view
system-view

# Create a local user with SSH and RSA access
local-user admin
 password irreversible-cipher YOUR_PASSWORD
 service-type ssh
 authorization-attribute user-role network-admin
 quit

# Enable the SSH server
stelnet server enable

# Generate local RSA key pair (if not already generated)
public-key local create rsa

# Import your public key (you can paste from your PC's `id_rsa.pub`)
public-key local create rsa
#
public-key peer user-key
 key-string
  <paste your public key here, no line breaks>
  quit
 quit

# Bind key to user
local-user admin
 rsa peer user-key
 quit

# Enable VTY and SSH
user-interface vty 0 4
 authentication-mode scheme
 protocol inbound ssh
 quit

# Save config
save force

For HP1950 (This offers only Web Based and Limited SSH Key Support)

Go to Security > SSH and if your firmware supports it, you have to upload the user public key. If it doesn't then you will be limited to use password-based SSH for this model.

For Aruba 2530 (Aruba OS):

# Enter config mode
configure terminal

# Create user with SSH public key
crypto key generate ssh rsa
user admin class manager
  ssh public-key <paste your SSH public key here>
exit

# Enable SSH
ip ssh
crypto key generate ssh rsa

# Configure VTY access
line vty 0 4
 login local
 transport input ssh
exit

write memory

Hi,

I want to configure SSH Key based Authentication on HPE-5510 / HP-1950 and Aruba-2530

Can anyone guide me how to configure the same 

Manish

Hi

Thanks

Since the switches are in production, hope it will not create any issue ?

For HPE 5510 (Comware OS)

# Enter system view
system-view

# Create a local user with SSH and RSA access
local-user admin
 password irreversible-cipher YOUR_PASSWORD
 service-type ssh
 authorization-attribute user-role network-admin
 quit

# Enable the SSH server
stelnet server enable

# Generate local RSA key pair (if not already generated)
public-key local create rsa

# Import your public key (you can paste from your PC's `id_rsa.pub`)
public-key local create rsa
#
public-key peer user-key
 key-string
  <paste your public key here, no line breaks>
  quit
 quit

# Bind key to user
local-user admin
 rsa peer user-key
 quit

# Enable VTY and SSH
user-interface vty 0 4
 authentication-mode scheme
 protocol inbound ssh
 quit

# Save config
save force

For HP1950 (This offers only Web Based and Limited SSH Key Support)

Go to Security > SSH and if your firmware supports it, you have to upload the user public key. If it doesn't then you will be limited to use password-based SSH for this model.

For Aruba 2530 (Aruba OS):

# Enter config mode
configure terminal

# Create user with SSH public key
crypto key generate ssh rsa
user admin class manager
  ssh public-key <paste your SSH public key here>
exit

# Enable SSH
ip ssh
crypto key generate ssh rsa

# Configure VTY access
line vty 0 4
 login local
 transport input ssh
exit

write memory

Hi,

I want to configure SSH Key based Authentication on HPE-5510 / HP-1950 and Aruba-2530

Can anyone guide me how to configure the same 

Manish

Well, the VTY Access (Remote Access) will for sure cause issues for the administrators who will manage the device Remotely. I would suggest you to do the changes locally (not from an SSH Session). Try to perform changes when there is low-usage (during after hours maybe). Also, backup the configuration just in case.

Hi

Thanks

Since the switches are in production, hope it will not create any issue ?

For HPE 5510 (Comware OS)

# Enter system view
system-view

# Create a local user with SSH and RSA access
local-user admin
 password irreversible-cipher YOUR_PASSWORD
 service-type ssh
 authorization-attribute user-role network-admin
 quit

# Enable the SSH server
stelnet server enable

# Generate local RSA key pair (if not already generated)
public-key local create rsa

# Import your public key (you can paste from your PC's `id_rsa.pub`)
public-key local create rsa
#
public-key peer user-key
 key-string
  <paste your public key here, no line breaks>
  quit
 quit

# Bind key to user
local-user admin
 rsa peer user-key
 quit

# Enable VTY and SSH
user-interface vty 0 4
 authentication-mode scheme
 protocol inbound ssh
 quit

# Save config
save force

For HP1950 (This offers only Web Based and Limited SSH Key Support)

Go to Security > SSH and if your firmware supports it, you have to upload the user public key. If it doesn't then you will be limited to use password-based SSH for this model.

For Aruba 2530 (Aruba OS):

# Enter config mode
configure terminal

# Create user with SSH public key
crypto key generate ssh rsa
user admin class manager
  ssh public-key <paste your SSH public key here>
exit

# Enable SSH
ip ssh
crypto key generate ssh rsa

# Configure VTY access
line vty 0 4
 login local
 transport input ssh
exit

write memory

Hi,

I want to configure SSH Key based Authentication on HPE-5510 / HP-1950 and Aruba-2530

Can anyone guide me how to configure the same 

Manish