Huawei switch: Difference between revisions

From T2B Wiki
Jump to navigation Jump to search
(Created page with "==== Enable SSH key-based connection ==== <pre>> rsa peer-public-key MYNAME > public-key-code begin</pre> then you need to convert the opennssh ssh-rsa public key to this exa...")
 
 
(2 intermediate revisions by 2 users not shown)
Line 9: Line 9:
-----END RSA PUBLIC KEY-----</pre>
-----END RSA PUBLIC KEY-----</pre>


past it in [http://tomeko.net/online_tools/base64.php?lang=en this website] to get it converted into HEX.
paste it in [http://tomeko.net/online_tools/base64.php?lang=en this website] to get it converted into HEX.


The next step is to format it nicely for the switch:
The next step is to format it nicely for the switch:
Line 18: Line 18:
...</pre>
...</pre>


Past all the lines in the switch interface, then finish the key input with  
Paste all the lines in the switch interface, then finish the key input with  
<pre>> public-key-code end
<pre>> public-key-code end
> peer-public-key end</pre>
> peer-public-key end</pre>


The formatting in 8 characters per packet and 5 packet per line was suggested by the output of
The formatting in 8 characters per packet and 5 packets per line was suggested by the output of
  > display rsa local-key-pair public
  > display rsa local-key-pair public
==== Enable weak algos for snmp v2c ====
You have to '''NOT''' be in system-view:
install feature-software WEAKEA

Latest revision as of 12:21, 3 October 2022

Enable SSH key-based connection

> rsa peer-public-key MYNAME
> public-key-code begin

then you need to convert the opennssh ssh-rsa public key to this exact format:

ssh-keygen -f id_rsa.pub -e -m pem

Get the text without the surrounding lines

-----BEGIN RSA PUBLIC KEY-----
-----END RSA PUBLIC KEY-----

paste it in this website to get it converted into HEX.

The next step is to format it nicely for the switch:

echo "MY-HEX-KEY" | sed 's/.\{8\}/& /g'|fmt -w 44

which should give you something like that:

30820108 02820101 00B9A077 0AE7C1B7
2285F7DC C6D1CDDC 4D18989C D33BA519
...

Paste all the lines in the switch interface, then finish the key input with

> public-key-code end
> peer-public-key end

The formatting in 8 characters per packet and 5 packets per line was suggested by the output of

> display rsa local-key-pair public


Enable weak algos for snmp v2c

You have to NOT be in system-view:

install feature-software WEAKEA