3com 4210 PWR 9-Port 3CR17341-91-ME User Manual
Product codes
3CR17341-91-ME
392
C
HAPTER
36: SSH C
ONFIGURATION
Exporting the RSA or
DSA Public Key
You can display the generated RSA or DSA key pair on the screen in a specified
format, or export it to a specified file for configuring the key at a remote end.
format, or export it to a specified file for configuring the key at a remote end.
n
The DSA public key format can be SSH2 and OpenSSH, while the RSA public key
format can be SSH1, SSH2 and OpenSSH.
format can be SSH1, SSH2 and OpenSSH.
Creating an SSH User
and Specify an
Authentication Type
This task is to create an SSH user and specify an authentication type for it.
Specifying an authentication type for a new user is a must to get the user login.
Specifying an authentication type for a new user is a must to get the user login.
c
CAUTION:
■
For password authentication type, the username argument must be consistent
with the valid user name defined in AAA; for publickey authentication, the
username argument is the SSH local user name, so that there is no need to
configure a local user in AAA.
with the valid user name defined in AAA; for publickey authentication, the
username argument is the SSH local user name, so that there is no need to
configure a local user in AAA.
■
If the default authentication type for SSH users is password and local AAA
authentication is adopted, you need not use the ssh user command to create
an SSH user. Instead, you can use the local-user command to create a user
name and its password and then set the service type of the user to SSH.
authentication is adopted, you need not use the ssh user command to create
an SSH user. Instead, you can use the local-user command to create a user
name and its password and then set the service type of the user to SSH.
■
If the default authentication type for SSH users is password and remote
authentication (RADIUS authentication, for example) is adopted, you need not
use the ssh user command to create an SSH user, because it is created on the
authentication (RADIUS authentication, for example) is adopted, you need not
use the ssh user command to create an SSH user, because it is created on the
Table 302 Export the RSA public key
Operation
Command
Remarks
Enter system view
system-view
Display the RSA key on the
screen in a specified format or
export it to a specified file
screen in a specified format or
export it to a specified file
public-key local export rsa {
openssh | ssh1 | ssh2 } [
filnename ]
openssh | ssh1 | ssh2 } [
filnename ]
Required
Table 303 Export the DSA public key
Operation
Command
Remarks
Enter system view
system-view
Display the DSA key on the
screen in a specified format or
export it to a specified file
screen in a specified format or
export it to a specified file
public-key local export dsa
{ openssh | ssh2 } [ filnename
]
{ openssh | ssh2 } [ filnename
]
Required
Table 304 Configure an SSH user and specify an authentication type for it
Operation
Command
Remarks
Enter system view
system-view
Specify the default
authentication type for all SSH
users
authentication type for all SSH
users
ssh authentication-type
default { all | password |
password-publickey |
publickey | rsa }
default { all | password |
password-publickey |
publickey | rsa }
Use either command.
By default, no SSH user is
created and no authentication
type is specified.
created and no authentication
type is specified.
Note that: If both commands
are used and different
authentication types are
specified, the authentication
type specified with the ssh
user authentication-type
command takes precedence.
are used and different
authentication types are
specified, the authentication
type specified with the ssh
user authentication-type
command takes precedence.
ssh user username
Create an SSH user, and
specify an authentication type
for it
specify an authentication type
for it
ssh user username
authentication-type { all |
password |
password-publickey |
publickey | rsa }
authentication-type { all |
password |
password-publickey |
publickey | rsa }