H3C S3100-52P Operation Manual page 9

Operation Manual – SSH Terminal Service
H3C S3100-52P Ethernet Switch
V. Configuring a client public key for a user
On the switch, you can configure a client public key (generated randomly on a client) for
a client user. This configuration is not required for password authentication type.
There are two methods to configure a client public key for a user.
1) Manual configuration
First, perform the following operations on a client:
Use the SSH2.0 client software to randomly generate a RSA key pair.
Use the SSHKEY.exe program to transform the public key in the RSA key pair to
PKCS (public-key cryptography standards) format.
Then, perform the following operations on the server:
Table 1-6 Configure client public key for a user
Operation
Enter system view
Enter public key view
Enter public key edit
view to input a client
public key
Return to public key
view from public key
edit view
Return
view from public key
view
Assign a client public
key to an SSH user
Command
system-view
rsa peer-public-key
key-name
public-key-code
begin
public-key-code
end
to system
peer-public-key end
ssh user username
assign
keyname
Chapter 1 SSH Terminal Service
—
Required
When you input the key data,
spaces are allowed between the
characters you input (because the
system can remove the spaces
automatically); you can also press
<Enter> to continue your input at
the next line. But the key you input
should be a hexadecimal digit
string coded in the public key
format.
The system saves the public key
data you input when exiting public
key edit view.
—
Required
Keyname is the name of an
existing public key. If the user has
rsa-key
already been assigned with a
public key, the newly assigned
public key overwrites the old one.
1-8
Description