Setting The Ssh Management Parameters - HP 5920 Series Configuration Manual
Hide thumbs
Also See for 5920 Series:
- Command reference manual (607 pages) ,
- Configuration manual (322 pages) ,
- Fc and fcoe configuration manual (257 pages)
Table of Contents
Advertisement
If a client directly sends the user's public key information to the server, you must specify the
client's public key on the server and the specified public key must already exist. For more
information about public keys, see
If a client sends the user's public key information to the server through a digital certificate, you
must specify the PKI domain for verifying the client certificate on the server. To make sure the
authorized SSH users can pass the authentication, the specified PKI domain must have the
correct CA certificate. For more information about configuring a PKI domain, see
PKI."
When the device operates in FIPS mode as an SSH server, the device does not support the
•
authentication method of any or publickey.
For information about configuring local users and remote authentication, see
Configuration procedure
To configure an SSH user, and specify the service type and authentication method:
Step
1.
Enter system
view.
2.
Create an SSH
user, and
specify the
service type
and
authentication
method.
Setting the SSH management parameters
Setting the SSH management parameters improves the security of SSH connections. The SSH
management parameters include:
To set the SSH management parameters:
Step
1.
Enter system view.
2.
Enable the SSH server to
support SSH1 clients.
3.
Set the RSA server key pair
update interval.
"Configuring a client's host public
Command
system-view
•
In non-FIPS mode:
ssh user username service-type { all | netconf | scp
| sftp | stelnet } authentication-type { password |
{ any | password-publickey | publickey } assign
{ pki-domain domain-name | publickey keyname } }
•
In FIPS mode:
ssh user username service-type { all | netconf | scp
| sftp | stelnet } authentication-type { password |
password-publickey assign { pki-domain
domain-name | publickey keyname } }
Command
system-view
ssh server compatible-ssh1x
enable
ssh server rekey-interval hours
277
key."
"Configuring
"Configuring
AAA."
Remarks
N/A
The netconf keyword is
available in Release
2311P04 and later versions.
Remarks
N/A
By default, the SSH server supports
SSH1 clients.
This command is not available in
FIPS mode.
By default, the RSA server key pair
is not updated.
This command takes effect only on
SSH1 clients.
This command is not available in
FIPS mode.
- Quick Links:
- Configuration Guide
- Configuring Local Users
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
