3com 5500-ei pwr Instrução De Instalação
1-11
Create an SSH user, and
specify an authentication type
for it
specify an authentication type
for it
ssh user username
authentication-type { all |
password | password-publickey
| publickey }
authentication-type { all |
password | password-publickey
| publickey }
are used and different
authentication types are
specified, the authentication
type specified with the ssh
user authentication-type
command takes precedence.
authentication types are
specified, the authentication
type specified with the ssh
user authentication-type
command takes precedence.
z
For password authentication type, the username argument must be consistent with the valid user
name defined in AAA; for publickey authentication, the username argument is the SSH local user
name, so that there is no need to configure a local user in AAA.
z
If the default authentication type for SSH users is password and local AAA authentication is
adopted, you need not use the ssh user command to create an SSH user. Instead, you can use
the local-user command to create a user name and its password and then set the service type of
the user to SSH.
z
If the default authentication type for SSH users is password and remote authentication (RADIUS
authentication, for example) is adopted, you need not use the ssh user command to create an
SSH user, because it is created on the remote server. And the user can use its username and
password configured on the remote server to access the network.
z
Under the publickey authentication mode, the level of commands available to a logged-in SSH
user can be configured using the user privilege level command on the server, and all the users
with this authentication mode will enjoy this level.
z
Under the password or password-publickey authentication mode, the level of commands
available to a logged-in SSH user is determined by the AAA scheme. Meanwhile, for different
users, the available levels of commands are also different.
z
Under the all authentication mode, the level of commands available to a logged-in SSH user is
determined by the actual authentication method used for the user.
Specifying a Service Type for an SSH User on the Server
At present, the switch supports two service types for SSH: stelnet (secure Telnet) and SFTP.
z
The secure Telnet service is a basic application of SSH protocol. It uses the secure channel of
SSH to provide remote login.
z
The SFTP service is an extended application of SSH protocol. It uses the secure channel of SSH
to perform remote FTP operations.
Follow these steps to specify the service type for an SSH user:
To do...
Use the command...
Remarks
Enter system view
system-view
—