Displaying and maintaining user profiles ·················································································································· 190

Managing public keys ············································································································································ 191

Configuration task list ·················································································································································· 191

Creating a local asymmetric key pair ························································································································ 192

Displaying or exporting the local host public key ···································································································· 192

Destroying a local asymmetric key pair ···················································································································· 193

Specifying the peer public key on the local device ·································································································· 194

Displaying public keys ················································································································································· 195

Public key configuration examples ····························································································································· 195

Manually specifying the peer public key on the local device ········································································ 195

Importing a public key from a public key file ··································································································· 197

Configuring SSH ····················································································································································· 200

Overview ······································································································································································· 200

How SSH operates ·············································································································································· 200

SSH authentication ·············································································································································· 201

FIPS compliance ·················································································································································· 202

SSH support for MPLS L3VPN ···························································································································· 202

Configuring the device as an SSH server ·················································································································· 202

SSH server configuration task list ······················································································································ 202

Generating local DSA or RSA key pairs ··········································································································· 203

Enabling the SSH server function ······················································································································· 203

Enabling the SFTP server function ······················································································································ 204

Configuring the user interfaces for SSH clients ································································································ 204

Configuring a client's host public key ··············································································································· 205

Configuring an SSH user ···································································································································· 206

Setting the SSH management parameters ········································································································ 207

Setting the DSCP value for packets sent by the SSH server ············································································ 208

Configuring the device as an Stelnet client ··············································································································· 208

Stelnet client configuration task list ···················································································································· 209

Specifying a source IP address or source interface for the Stelnet client ······················································ 209

Enabling/disabling first-time authentication ····································································································· 209

Establishing a connection to an Stelnet server ································································································· 210

Setting the DSCP value for packets sent by the Stelnet client ········································································· 211

Configuring the device as an SFTP client ·················································································································· 212

SFTP client configuration task list ······················································································································· 212

Specifying a source IP address or source interface for the SFTP client ························································· 212

Establishing a connection to an SFTP server ···································································································· 212

Working with SFTP directories ··························································································································· 213

Working with SFTP files ······································································································································ 214

Displaying help information ······························································································································· 214

Terminating the connection with the SFTP server ····························································································· 215

Setting the DSCP value for packets sent by the SFTP client ············································································ 215

Configuring the device as an SCP client ··················································································································· 215

SCP client configuration task list ························································································································ 215

Transferring files with an SCP server ················································································································· 216

Displaying and maintaining SSH ······························································································································· 216

Stelnet configuration examples ··································································································································· 217

When the switch acts as an Stelnet server for password authentication ······················································· 217

When the switch acts as an Stelnet server for publickey authentication ······················································· 219

When the switch acts as an Stelnet client for password authentication ························································ 224

When the switch acts as an Stelnet client for publickey authentication ························································ 227

SFTP configuration examples ······································································································································ 229

When the switch acts as an SFTP server for password authentication ·························································· 229