Руководство Пользователя для Cisco Cisco Content Security Management Appliance M160

Fri Sep 28 22:20:08 2007 Info: PID 688: User admin commit changes:

Fri Sep 28 23:06:15 2007 Info: PID 688: User admin commit changes:

^Cexample.srv>

.

Use the 

logconfig -> hostkeyconfig

 subcommand to manage host keys for use with SSH when 

pushing logs to other servers from the Cisco IronPort appliance. SSH servers must have a pair of host 
keys, one private and one public. The private host key resides on the SSH server and cannot be read by 
remote machines. The public host key is distributed to any client machine that needs to interact with the 
SSH server.

To manage user keys, see “Managing Secure Shell (SSH) Keys” in the Cisco IronPort AsyncOS for Email 
Security Daily Management Guide.

The 

hostkeyconfig

 subcommand performs the following functions:

In the following example, the commands scan for host keys and add them for the host:

mail3.example.com> logconfig

Currently configured logs:

[ list of logs ]

Choose the operation you want to perform:

- NEW - Create a new log.

- EDIT - Modify a log subscription.

- DELETE - Remove a log subscription.

- SETUP - General settings.

- LOGHEADERS - Configure headers to log.

- HOSTKEYCONFIG - Configure SSH host keys.

[]> hostkeyconfig

Currently installed host keys:

1. mail3.example.com ssh-dss [ key displayed ]

Add a new key.

Modify an existing key.

Delete an existing key.

Automatically download a host key.

Display a key.

Display system host keys. This is the value to place in the remote system's 
“known_hosts” file.

Display system host key fingerprints.

Display the public key of the system account that pushes the logs to the remote 
machine. This is the same key that appears when setting up an SCP push subscription. 
This is the value to place in the remote system's “authorized_keys” file.