3com MSR 20-20 참조 매뉴얼
2196
C
HAPTER
142: SSH2.0 C
ONFIGURATION
C
OMMANDS
■
For a publickey authentication user, you must configure the username and the
public key on the device. For a password authentication user, you can configure
the account information on either the device or the remote authentication
server such as a RADIUS server.
public key on the device. For a password authentication user, you can configure
the account information on either the device or the remote authentication
server such as a RADIUS server.
■
If you use the ssh user command to configure a public key for a user who has
already had a public key, the new one overwrites the old one.
already had a public key, the new one overwrites the old one.
■
The new public key takes effect when the user logs in next time.
■
If an SFTP user has been assigned a public key, it is necessary to set a working
folder for the user.
folder for the user.
■
The working folder of an SFTP user is subject to the user authentication
method. For a user using only password authentication, the working folder is
the AAA authorized one. For a user using only publickey authentication or
using both the publickey and password authentication methods, the working
folder is the one set by using the ssh user command.
method. For a user using only password authentication, the working folder is
the AAA authorized one. For a user using only publickey authentication or
using both the publickey and password authentication methods, the working
folder is the one set by using the ssh user command.
Related command:
Example
# Create an SSH user named user1, and specify the service type as sftp, the
authentication method as publickey, the work folder of the SFTP server as flash,
and assign a public key named key1 to the user.
authentication method as publickey, the work folder of the SFTP server as flash,
and assign a public key named key1 to the user.
<Sysname> system-view
[Sysname] ssh user user1 service-type sftp athentication-type public
key assign publickey key1 work-directory flash:
ssh2
Syntax
ssh2 server [ port-number ] [ identity-key { dsa | rsa } | prefer-ctos-cipher { 3des |
aes128 | des } | prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 } | prefer-kex
{ dh-group-exchange | dh-group1 | dh-group14 } | prefer-stoc-cipher { 3des |
aes128 | des } | prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 } ] *
aes128 | des } | prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 } | prefer-kex
{ dh-group-exchange | dh-group1 | dh-group14 } | prefer-stoc-cipher { 3des |
aes128 | des } | prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 } ] *
View
User view
Parameter
server: IPv4 address or name of the server, a string of 1 to 20 characters.
port-number: Port number of the server, in the range 0 to 65535. The default is
22.
22.
identity-key: Specifies the algorithm for publickey authentication, either dsa or
rsa. The default is dsa.
rsa. The default is dsa.
prefer-ctos-cipher: Preferred encryption algorithm from client to server, defaulted
to aes128.
to aes128.
■
3des: Encryption algorithm 3des-cbc.
■
aes128: Encryption algorithm aes128-cbc
■
des: Encryption algorithm des-cbc.