1-44When Switch Acts as Client for Publickey AuthenticationNetwork requirementsAs shown in Figure 1-31, establish an SSH connection between Switch A (SSH Client) and Switch B(SSH Server) for secure data exchange. The user name is client001 and the SSH server’s IP address is10.165.87.136. Publickey authentication is required.Network diagramFigure 1-31 Switch acts as client for publickey authenticationConfiguration procedureIn public key authentication, you can use either RSA or DSA public key. Here takes the DSA public keyas an example.z Configure Switch B# Create a VLAN interface on the switch and assign an IP address, which the SSH client will use as thedestination for SSH connection. system-view[SwitchB] interface vlan-interface 1[SwitchB-Vlan-interface1] ip address 10.165.87.136 255.255.255.0[SwitchB-Vlan-interface1] quitGenerating the RSA and DSA key pairs on the server is prerequisite to SSH login.# Generate RSA and DSA key pairs.[SwitchB] public-key local create rsa[SwitchB] public-key local create dsa# Set the authentication mode for the user interfaces to AAA.[SwitchB] user-interface vty 0 4[SwitchB-ui-vty0-4] authentication-mode scheme# Enable the user interfaces to support SSH.[SwitchB-ui-vty0-4] protocol inbound ssh# Set the user command privilege level to 3.[SwitchB-ui-vty0-4] user privilege level 3