HP 6125G HP 6125G & 6125G/XG Blade Switches Security Configuration Gui - Page 193
Importing a client public key from a public key file, Configuring an SSH user
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 193 highlights
Importing a client public key from a public key file Step 1. Enter system view. 2. Import the public key from a public key file. Command system-view public-key peer keyname import sshkey filename Configuring an SSH user To configure an SSH user that uses publickey authentication, you must perform the procedure in this section. To configure an SSH user that uses password authentication, whether together with publickey authentication or not, you must configure a local user account by using the local-user command for local authentication, or configure an SSH user account on an authentication server, for example, a RADIUS server, for remote authentication. For more information about the local-user command, see Security Command Reference. For password-only SSH users, you do not need to perform the procedure in this section to configure them unless you want to use the display ssh user-information command to display all SSH users, including the password-only SSH users, for centralized management. Configuration guidelines When you perform the procedure in this section to configure an SSH user, follow these guidelines: You can set the service type to Stelnet, SFTP, and SCP (Secure copy). For more information about Stelnet, see "Overview." For more information about SFTP, see "Configuring SFTP." For more information about SCP, see "Configuring SCP." • You can enable one of the following authentication modes for the SSH user: { Password-The user must pass password authentication. { Publickey authentication-The user must pass publickey authentication. { Password-publickey authentication-As an SSH2.0 user, the user must pass both password and publickey authentication. As an SSH1 user, the user must pass either password or publickey authentication. { Any-The user can use either password authentication or publickey authentication. • If publickey authentication, whether with password authentication or not, is used, the command level accessible to the user is set by the user privilege level command on the user interface. If only password authentication is used, the command level accessible to the user is authorized by AAA. • SSH1 does not support SCP and SFTP. For an SSH1 client, you must set the service type to stelnet or all. • For an SCP or SFTP user, the working folder depends on the authentication method: { If only password authentication is used, the working folder is authorized by AAA. { If publickey authentication, whether with password authentication or not, is used, the working folder is set by using the ssh user command. • If you change the authentication mode or public key for an SSH user that has been logged in, the change can take effect only at the next login of the user. 183