Configuring The Ssh Management Parameters - HP FlexFabric 5700 Series Security Configuration Manual
Hide thumbs
Also See for FlexFabric 5700 Series:
- Configuration manual (185 pages) ,
- Configuration manual (125 pages) ,
- Configuration manual (63 pages)
Table of Contents
Advertisement
If the authentication method is publickey or password-publickey, the user role is specified by
the authorization-attribute command in the associated local user view.
If you change the authentication method or public key for a logged-in SSH user, the changes take
•
effect at the next login.
For all authentication methods except password authentication, you must specify a client's host
•
public key or digital certificate.
For a client that directly sends the user's public key information to the server, you must specify
the client's host public key on the server. The specified public key must already exist. For more
information about public keys, see
For a client that sends the user's public key information to the server through a digital certificate,
you must specify the PKI domain on the server. This PKI domain verifies the client certificate. To
make sure the authorized SSH users can pass the authentication, the specified PKI domain must
have the correct CA certificate. For more information about configuring a PKI domain, see
"Configuring
When the device operates in FIPS mode as an SSH server, the device does not support the
•
authentication method of any or publickey.
For information about configuring local users and remote authentication, see
Configuration procedure
To configure an SSH user, and specify the service type and authentication method:
Step
1.
Enter system view.
2.
Create an SSH user, and
specify the service type and
authentication method.
Configuring the SSH management parameters
Step
1.
Enter system view.
2.
Enable the SSH server to
support SSH1 clients.
"Configuring a client's host public
PKI."
Command
system-view
•
In non-FIPS mode:
ssh user username service-type { all | netconf | scp | sftp | stelnet }
authentication-type { password | { any | password-publickey |
publickey } assign { pki-domain domain-name | publickey
keyname } }
•
In FIPS mode:
ssh user username service-type { all | netconf | scp | sftp | stelnet }
authentication-type { password | password-publickey assign
{ pki-domain domain-name | publickey keyname } }
Command
system-view
ssh server compatible-ssh1x
enable
308
key."
"Configuring
AAA."
Remarks
N/A
By default, the SSH server supports
SSH1 clients.
This command is not available in
FIPS mode.
- Quick Links:
- Configuring Local Users
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
