To allow the SSH client (STelnet client in this case) with initial authentication disabled to successfully log in to the SSH server for the first time, configure the SSH client to assign an RSA, DSA, SM2, or ECC public key to the SSH server before the login.
If initial authentication is disabled on the SSH client, the client cannot log in to the SSH server, because the validity check of the RSA, DSA, SM2, or ECC public key will fail. The client must assign an RSA, DSA, SM2, or ECC public key to the server before logging in to the server.
The public key allocated to the SSH server must be generated on the server, modified on the client, and then sent back to the server. Otherwise, the validity check for the public key on the SSH client cannot succeed.
Perform the following steps on the SSH client:
For security purposes, do not use RSA keys whose length is less than 2048 bits. You are advised to use RSA_SHA2_256 and RSA_SHA2_512 instead.
The system view is displayed.
A public key algorithm is configured for the SSH client.
The public key view is displayed.
The entered public key must be a hexadecimal string complying with the public key format. The public key is generated randomly on the SSH server.
After entering the public key view, you can send the RSA, DSA, SM2 , or ECC public key that is generated on the server to the client. Copy and paste the RSA, DSA, SM2, or ECC public key to the SSH server.
Exit the public key view.
If the configured public key contains invalid characters or does not comply with the public key format, an error message is displayed, and the configured public key is discarded. If the configured public key is valid, it is saved into the client's public key chain table.
If key-name specified in Step 2 has been deleted in another window, the system displays an error and returns to the system view.
Exit the public key view and return to the system view.
The configuration is committed.