HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 226
Steps for Configuring and Using SSH for Switch and Client Authentication
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 226 highlights
Configuring Secure Shell (SSH) Steps for Configuring and Using SSH for Switch and Client Authentication Steps for Configuring and Using SSH for Switch and Client Authentication For two-way authentication between the switch and an SSH client, you must use the login (Operator) level. Table 6-1. SSH Options Switch Access Level Operator (Login) Level Primary SSH Authentication ssh login rsa ssh login Local ssh login TACACS Authenticate Switch Public Key to SSH Clients? Yes Authenticate Client Public Key to the Switch? Yes1 Yes No Yes No Primary Switch Password Authentication No1 Yes Yes Secondary Switch Password Authentication local or none none local or none ssh login RADIUS Yes No Yes local or none Manager ssh enable local Yes No Yes none (Enable) ssh enable tacacs Yes No Level ssh enable radius Yes No Yes local or none Yes local or none 1 For ssh login public-key, the switch uses client public-key authentication instead of the switch password options for primary authentication. The general steps for configuring SSH include: A. Client Preparation 1. Install an SSH client application on a management station you want to use for access to the switch. (Refer to the documentation provided with your SSH client application.) 2. Optional-If you want the switch to authenticate a client public-key on the client: a. Either generate a public/private key pair on the client computer (if your client application allows) or import a client key pair that you have generated using another SSH application. b. Copy the client public key into an ASCII file on a TFTP server accessible to the switch and download the client public key file to the switch. (The client public key file can hold up to 10 client keys.) This topic is covered under "To Create a Client-Public-Key Text File" on page 6-26. 6-6