Configuring An Ssh User - HP VSR1000 Security Configuration Manual
Virtual services router
Hide thumbs
Also See for VSR1000:
- Configuration manual (463 pages) ,
- High availability configuration manual (91 pages) ,
- Layer 2 - wan access command reference (50 pages)
Table of Contents
Advertisement
Step
4.
Return to system view.
Importing a client's host public key from the public key file
Step
1.
Enter system view.
2.
Import a client's public key
from the public key file.
Configuring an SSH user
To configure an SSH user that uses publickey authentication, perform the procedure in this section.
If the authentication method is publickey, you must create an SSH user and a local user on the server. The
two users must have the same username, so that the SSH user can be assigned the correct working
directory and user role.
If the authentication method is password-publickey or any, you must create an SSH user and perform
one of the following tasks:
For local authentication, configure a local user by using the local-user command.
•
For remote authentication, configure an SSH user on a remote authentication server, for example, a
•
RADIUS server.
In either case, the local user or the SSH user configured on the remote authentication server must have the
same username as the SSH user.
If the authentication method is password, you do not need to create an SSH user or local user. However,
if you want to display all SSH users, including the password-only SSH users, for centralized management,
you can use this command to create them. If such an SSH user has been created, make sure you have
specified the correct service type and authentication method.
For information about configuring local users and remote authentication, see
Configuration restrictions and guidelines
When you configure an SSH user, follow these restrictions and guidelines:
An SSH server supports up to 1024 SSH users.
•
•
For an SFTP or SCP user, the working directory depends on the authentication method:
If the authentication method is password, the working directory is authorized by AAA.
If the authentication method is publickey or password-publickey, the working folder is specified
by the authorization-attribute command in the associated local user view.
•
For an SSH user, the user role also depends on the authentication method:
If the authentication method is password, the user role is authorized by the remote AAA server
or the local device.
If the authentication method is publickey or password-publickey, the user role is specified by
the authorization-attribute command in the associated local user view.
If you change the authentication parameters for a logged-in SSH user, the change takes effect on
•
the user only at the next login.
Command
peer-public-key end
Command
system-view
public-key peer keyname import sshkey filename
251
Remarks
N/A
"Configuring
AAA."
- Quick Links:
- Configuring the Device as an Ssh...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
