HP SN3000B Administrator's Manual page 157
Brocade fabric os administrator's guide - supporting fabric os v7.0.1 (53-1002446-01, march 2012)
Hide thumbs
Also See for SN3000B:
- Troubleshooting manual (138 pages) ,
- Reference manual (70 pages) ,
- Quickspecs (21 pages)
Table of Contents
Advertisement
Configuring outgoing SSH authentication
After the allowed-user is configured, the remaining setup steps must be completed by the
allowed-user. To configure outgoing authentication, follow these steps:
1. Log in to the switch as the default admin.
2. Change the allowed-user's permissions to admin, if applicable.
3. Set up the allowed-user by typing the following command:
4. Generate a key pair for switch-to-host (outgoing) authentication by logging in to the switch as
5. Export the public key to the host by logging in to the switch as the allowed-user and entering
6. Append the public key to a remote host by logging in to the remote host, locating the directory
7.
Deleting public keys on the switch
1. Connect to the switch and log in using an account with admin permissions.
2. Use the sshUtil delpubkeys command to delete public keys.
For more information on IP Filter policies, refer to
Fabric OS Administrator's Guide
53-1002446-01
switch:admin> userconfig --change username -r admin
Where username is the name of the user you want to perform SSH public key authentication,
import, export, and delete keys.
switch:admin> sshutil allowuser username
Where username is the name of the user you want to perform SSH public key authentication,
import, export, and delete keys.
the allowed user and entering the sshUtil genkey command.
You may enter a passphrase for additional security.
Example of generating a key pair on the switch
switch:alloweduser> sshutil genkey
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Key pair generated successfully.
the sshUtil exportpubkey command to export the key.
Example of exporting a public key from the switch
switch:alloweduser> sshutil exportpubkey
Enter IP address:192.168.38.244
Enter remote directory:~auser/.ssh
Enter login name:auser
Password:
public key out_going.pub is exported successfully.
where authorized keys are stored, and appending the public key to the file.
You may need to refer to the host's documentation to locate where the authorized keys are
stored.
Test the setup by using a command that uses SCP and authentication, such as
firmwareDownload or configUpload.
You will be prompted to enter the name of the user whose the public keys you want to delete.
Enter all to delete public keys for all users.
Secure Shell protocol
Chapter 7, "Configuring Security
6
Policies".
119
Advertisement
Table of Contents
