Cisco Nexus 3600 NX-OS Security Configuration Manual page 83

page of 154

/ 154
Contents
Table of Contents
Bookmarks

Table of Contents

Configuring SSH and Telnet

Step 3

Step 4

Step 5

Step 6

Step 7

Step 8

Step 9

Step 10

Command or Action

username user-id ssh-cert-dn dn-name

{dsa | rsa}

Example:

switch(config)# username jsmith

ssh-cert-dn "/O = ABCcompany, OU

= ABC1,

emailAddress =

jsmith@ABCcompany.com, L =

Metropolis, ST = New York, C = US,

CN = jsmith" rsa

[no] crypto ca trustpoint trustpoint

Example:

switch(config)# crypto ca

trustpoint winca

[no] crypto ca authentication

trustpoint

Example:

switch(config)# crypto ca

authentication winca

crypto ca crl request trustpoint

bootflash:static-crl.crl

Example:

switch(config)# crypto ca crl

request winca

bootflash:crllist.crl

show crypto ca certificates

Example:

switch(config)# show crypto ca

certificates

show crypto ca crl trustpoint

Example:

switch(config)# show crypto ca crl

winca

show user-account

Example:

switch(config)# show user-account

show users

Example:

switch(config)# show users

Configuring X.509v3 Certificate-Based SSH Authentication

Purpose

Specifies an SSH X.509 certificate distinguished name

and DSA or RSA algorithm to use for authentication for

an existing user account. The distinguished name can be

up to 512 characters and must follow the format shown

in the examples. Make sure the email address and state

are configured as emailAddress and ST, respectively.

Configures a trustpoint.

Configures a certificate chain for the trustpoint.

Configures the certificate revocation list (CRL) for the

trustpoint. The CRL file is a snapshot of the list of

revoked certificates by the trustpoint. This static CRL list

is manually copied to the device from the Certification

Authority (CA).

Note

Static CRL is the only supported revocation

check method.

(Optional)

Displays the configured certificate chain and associated

trustpoint.

(Optional)

Displays the contents of the CRL list of the specified

trustpoint.

(Optional)

Displays configured user account details.

(Optional)

Displays the users logged into the device.

Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x

Table of Contents

Show Quick Links

Quick Links:
Authentication, Authorization, and Accounting
Ssh and Telnet

Hide quick links:

Table of Contents

Cisco Nexus 3600 NX-OS Security Configuration Manual page 83

Hide quick links:

Related Manuals for Cisco Nexus 3600 NX-OS

Related Products for Cisco Nexus 3600 NX-OS

Table of Contents