Cisco Cisco Content Security Management Appliance M1070 Mode D'Emploi

Fri Sep 28 22:20:08 2007 Info: PID 688: User admin commit changes:

Fri Sep 28 23:06:15 2007 Info: PID 688: User admin commit changes:

^Cexample.srv>

.

Use the 

logconfig -> hostkeyconfig

 subcommand to manage host keys for use with SSH when 

pushing logs to other servers from the Cisco Content Security appliance. SSH servers must have a pair 
of host keys, one private and one public. The private host key resides on the SSH server and cannot be 
read by remote machines. The public host key is distributed to any client machine that needs to interact 
with the SSH server.

To manage user keys, see “Managing Secure Shell (SSH) Keys” in the user guide or online help for your 
Email Security appliance.

The 

hostkeyconfig

 subcommand performs the following functions:

In the following example, the commands scan for host keys and add them for the host:

mail3.example.com> logconfig

Currently configured logs:

[ list of logs ]

Choose the operation you want to perform:

- NEW - Create a new log.

- EDIT - Modify a log subscription.

- DELETE - Remove a log subscription.

- SETUP - General settings.

- LOGHEADERS - Configure headers to log.

- HOSTKEYCONFIG - Configure SSH host keys.

[]> hostkeyconfig

Currently installed host keys:

1. mail3.example.com ssh-dss [ key displayed ]

Add a new key.

Modify an existing key.

Delete an existing key.

Automatically download a host key.

Display a key.

Display system host keys. This is the value to place in the remote system's 
“known_hosts” file.

Display system host key fingerprints.

Display the public key of the system account that pushes the logs to the remote 
machine. This is the same key that appears when setting up an SCP push subscription. 
This is the value to place in the remote system's “authorized_keys” file.