Dell Brocade G620 Brocade 8.0.1 Fabric OS Command Reference - Page 1068
sshUtil

Description

Use this command to enable and manage SSH public key authentication on a switch. SSH public key authentication provides a mechanism for authenticating an authorized user without a password. SSH public key authentication is more secure than password authentication and can be used to securely access services that require automatic login.

SSH public key authentication works as follows: An authorized user generates a pair of encryption keys (public and private) on a local machine (a switch or a server). Messages encrypted with the private key can only be decrypted by the public key, and vice versa. The private key remains on the local machine; the public key is exported to a remote host. The remote host responds to login requests by sending a brief message encrypted with the public key. The private key on the local host decrypts the message, and the login succeeds.

Use the sshUtil command to do the following:

• Configure a user to manage keys on a switch.
• Generate a private/public key pair on the local switch.
• Import a public key for a specified user from a remote host to the local switch.
• Export the public key from the local switch to a remote host.
• Delete the public keys associated with a specified user or all users on the local switch.
• Delete the private key on the local switch.
• Delete the known host name or IP address from the file .ssh/known_hosts.
• Generate, display, and delete the SSH host keys.

Notes

The execution of this command is subject to Virtual Fabric restrictions that may be in place. Refer to "Using Fabric OS Commands" and "Command Availability" for details.

Outgoing public key authentication from the switch to a remote host is restricted to Fabric OS commands that use secure copy (SCP), such as configDownload or configUpload.

This command supports generation of a public/private key pair on the switch to enable outgoing connections between a switch and a remote host. To set up incoming connections, you must first generate the public/private key pair on a remote host and then import the public key to the switch. Use the SSH utility ssh-keygen -t dsa to generate the keys on the remote host. Refer to your UNIX system documentation for details on this command.

Operands

This command supports the following operands:

allowuser user name
Configures the specified user to perform key management operations such as generating a key pair, exporting the public key, and deleting the private key. The default admin is, by default, a configured user. Only one user can be configured at any given time. The following operand is required:

user name
Specifies the login name for the configured user. The user must be in the switch user database and must have admin privileges on the switch.

showuser
Displays the currently configured user. This operation can only be performed by the default admin.

1044 Brocade Fabric OS Command Reference 53-1004112-02
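For the incoming-connection setup described above, the following is an added example (not from the Brocade manual) of a check to run on the public key file that ssh-keygen -t dsa writes on the remote host, before that key is imported to the switch. It confirms that the type label matches the type encoded inside the key blob and computes the SHA-256 fingerprint for out-of-band comparison; the function names and the sample key are constructed for illustration.

```python
import base64
import hashlib
import struct

def _read_string(buf, off):
    """Read one RFC 4251 string: uint32 length, then that many bytes."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack(">I", buf[off:off + 4])
    end = off + 4 + n
    if end > len(buf):
        raise ValueError("field runs past end of blob")
    return buf[off + 4:end], end

def inspect_pubkey(line):
    """Validate one OpenSSH public key line; return type, field sizes, fingerprint."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    label, blob = parts[0], base64.b64decode(parts[1], validate=True)
    fields, off = [], 0
    while off < len(blob):
        value, off = _read_string(blob, off)
        fields.append(value)
    if not fields or fields[0] != label.encode():
        raise ValueError("type label does not match the type inside the blob")
    bits = [int.from_bytes(f, "big").bit_length() for f in fields[1:]]
    if label == "ssh-dss" and len(bits) != 4:
        raise ValueError("ssh-dss blob must carry p, q, g, y")
    digest = hashlib.sha256(blob).digest()
    fingerprint = "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
    return {"type": label, "bits": bits, "fingerprint": fingerprint}

def _field(data):
    return struct.pack(">I", len(data)) + data

def make_sample_line():
    """Constructed sample: correct ssh-dss layout, placeholder numbers (not a real key)."""
    p, q, g, y = (1 << 1023) | 1, (1 << 159) | 1, 2, (1 << 1000) | 5
    blob = _field(b"ssh-dss")
    for n in (p, q, g, y):
        # mpint: big-endian, with a leading 0x00 when the top bit would be set
        blob += _field(n.to_bytes(n.bit_length() // 8 + 1, "big"))
    return "ssh-dss " + base64.b64encode(blob).decode() + " admin@constructed-host"

if __name__ == "__main__":
    info = inspect_pubkey(make_sample_line())
    print(info["type"], info["bits"], info["fingerprint"])
```

The fingerprint uses the same SHA256 form that ssh-keygen -l -f prints on OpenSSH versions that default to SHA-256 fingerprints, so the two values can be compared directly on the host that generated the key.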