Table of Contents
Advertisement
[SwitchB-luser-manage-client001] authorization-attribute user-role network-admin
[SwitchB-luser-manage-client001] quit
# Create an SSH user client001. Specify the authentication method publickey for the user and
specify client256 as the PKI domain for verifying the client's certificate.
[Switch] ssh user client001 service-type stelnet authentication-type publickey assign
pki-domain client256
4.
Establish an SSH connection to the Stelnet server 192.168.1.40 based on the 128-bit Suite B
algorithms.
<SwitchA> ssh2 192.168.1.40 suite-b 128-bit pki-domain client256 server-pki-domain
server256
Username: client001
Press CTRL+C to abort.
Connecting to 192.168.1.40 port 22.
Enter a character ~ and a dot to abort.
******************************************************************************
* Copyright (c) 2010-2015 Hewlett Packard Enterprise Development LP
* Without the owner's prior written consent,
* no decompiling or reverse-engineering shall be allowed.
******************************************************************************
<SwitchB>
SFTP configuration examples
Unless otherwise noted, devices in the configuration examples are in non-FIPS mode.
When you configure SFTP on a device that operates in FIPS mode, follow these restrictions and
guidelines:
•
The modulus length of the key pair must be 2048 bits.
•
When the device acts as an SFTP server, it supports only RSA and ECDSA key pairs. If both
RSA and ECDSA key pairs exist on the server, the server uses the ECDSA key pair.
Password authentication enabled SFTP server configuration
example
Network requirements
As shown in
•
You can log in to the switch through the SFTP client that runs on the host.
•
After login, you are assigned the user role network-admin to execute file management and
transfer operations.
•
The switch acts as the SFTP server and uses password authentication.
•
The username and password of the client are saved on the switch.
Figure
107:
364
*
*
*
Advertisement
Table of Contents
Troubleshooting
