Configuring An Ssh User - H3C S5830V2 Security Configuration Manual
Hide thumbs
Also See for S5830V2:
- Configuration manual (318 pages) ,
- Command reference manual (301 pages) ,
- Installation manual (63 pages)
Table of Contents
Advertisement
Manually configuring the host public key—You can type or copy the client's host public key from
•
the client to the SSH server. The host public key must be in the DER encoding format without being
converted.
If you use the device to act as the client, you can use the display public-key local public command
to display the host public key and copy its contents to the server. A host public key obtained in
other ways might be in incorrect format and cannot be saved on the server. H3C recommends that
you import a client's host public key from the public key file of the client.
Importing the host public key—You can upload the client's public key file (in binary) to the server,
•
for example, through FTP or TFTP, and import the host public key from the public key file. During the
import process, the server automatically converts the host public key in the public key file to a string
in PKCS format.
H3C recommends that you configure no more than 20 SSH client host public keys on an SSH server.
To manually configure a client's host public key:
Step
Enter system view.
1.
2.
Enter public key view.
3.
Configure a client's host
public key.
4.
Return to system view.
To import a client's host public key from a public key file:
Step
1.
Enter system view.
2.
Import a client's public key
from a public key file.
Configuring an SSH user
To configure an SSH user that uses publickey authentication, perform the procedure in this section.
If the authentication method is publickey, you must create a local user that has the same username as the
SSH user to assign the working directory and user role.
If the authentication method is password-publickey or any, you must configure a local user account by
using the local-user command for local authentication, or configure an SSH user account on an
authentication server, for example, a RADIUS server, for remote authentication. In either case, the local
user or the SSH user configured for remote authentication must have the same username as the SSH user.
Command
system-view
public-key peer keyname
Enter the content of the host public
key
peer-public-key end
Command
system-view
public-key peer keyname import sshkey filename
165
Remarks
N/A
N/A
When you enter the contents for a
host public key, you can use
spaces and carriage returns
between characters. When you
save the host public key, spaces
and carriage returns are removed
automatically.
For more information, see
"Managing public
keys."
N/A
Advertisement
Table of Contents
Troubleshooting
