HP 16-port SCS Installation Instructions Manual page 33

Table of Contents

Advertisement

Access rights of users are determined from the authentication method used. SSH key authentication always uses the
access rights from the local user database. Depending on the server authentication mode specified with the Server
Security command, SSH password authentication will use either the access rights from the local user database or
the values returned by the RADIUS server.
With either of the "or" methods (PW|Key and Key|PW), the user access rights are determined from the method used
to authenticate the user.
With either of the "and" methods (PW&Key and Key&PW), the user access rights are determined from the first method
specified. If PW&Key is specified, the access rights from the password authentication will be used. If Key&PW is
specified, the access rights from the key authentication will be used.
See "Using authentication methods."
SSH user keys
The SSH key of a user is specified in a User Add or User Set command. You can define a key even if SSH is not
currently enabled. The key can be specified in one of two ways:
When using the SSHKey and FTPIP keyword pair to define the network location of a user SSH key file, the
SSHKey parameter specifies the name of the uuencoded (UNIX to UNIX encoded) public key file on an FTP
server. The maximum file size that can be received is 4 KB. The FTPIP parameter specifies the server FTP IP
address.
When this method is specified, the SCS initiates an FTP client request to the specified IP address. The SCS then
prompts the user for an FTP user name and password for connection. When connected, the SCS will get the
specified key file, and the FTP connection will be closed. The SCS then stores the SSH key with the user name in
the SCS user database.
When using the Key keyword to specify the SSH key, the Key parameter specifies the actual uuencoded SSH
key. This parameter is for configurations that do not implement an FTP server. The SCS stores the specified key
in the SCS user database.
The SCS processes a uuencoded SSH2 public key file with the format described in the Internet Engineering Task Force
(IETF) document draft-ietf-secshpublickeyfile-02. The key must follow all format requirements. The UNIX ssh-keygen2
generates this file format. The SCS also processes a uuencoded SSH1 public key file. The UNIX ssh-keygen generates
this file format.
Operations 27

Hide quick links:

Advertisement

Table of Contents
loading

This manual is also suitable for:

48-port scs

Table of Contents