Dell PowerConnect B-RX Configuration Manual page 943

Bigiron rx series configuration guide v02.7.02

Hide thumbs Also See for PowerConnect B-RX:

Configuration manual (1458 pages)

Getting started manual (32 pages)

Installation manual (240 pages)

Table of Contents

Setting up DSA challenge-response authentication consists of the following steps.

1. Importing authorized public keys into the device.

2. Enabling DSA challenge response authentication

Importing authorized public keys into the BigIron RX

SSH clients that support DSA authentication normally provide a utility to generate an DSA key pair.

The private key is usually stored in a password-protected file on the local host; the public key is

stored in another file and is not protected. You should collect one public key from each client to be

granted access to the device and place all of these keys into one file. This public key file is imported

into the device.

The following is an example of a public key file containing one public keys.

---- BEGIN SSH2 PUBLIC KEY ----

Comment: DSA Public Key

AAAAB3NzaC1kc3MAAACBAPY8ZOHY2yFSJA6XYC9HRwNHxaehvx5wOJ0rzZdzoSOXxbET

W6ToHv8D1UJ/

z+zHo9Fiko5XybZnDIaBDHtblQ+Yp7StxyltHnXF1YLfKD1G4T6JYrdH YI14Om

1eg9e4NnCRleaqoZPF3UGfZia6bXrGTQf3gJq2e7Yisk/gF+1VAAAAFQDb8D5cv

wHWTZDPfX0D2s9Rd7NBvQAAAIEAlN92+Bb7D4KLYk3IwRbXblwXdkPggA4pfdtW9v

GfJ0/RHd+NjB4eo1D+0dix6tXwYGN7PKS5R/FXPNwxHPapcj9uL1Jn2AWQ2dsknf+i/FAA

vioUPkmdMc0zuWoSOEsSNhVDtX3WdvVcGcBq9cetzrtOKWOocJmJ80qadxTRHtUAAACB

AN7CY+KKv1gHpRzFwdQm7HK9bb1LAo2KwaoXnadFgeptNBQeSXG1vO+JsvphVMBJc9HS

n24VYtYtsMu74qXviYjziVucWKjjKEb11juqnF0GDlB3VVmxHLmxnAz643WK42Z7dLM5

sY29ouezv4Xz2PuMch5VGPP+CDqzCM4loWgV

---- END SSH2 PUBLIC KEY ----

You can import the authorized public keys into the active configuration by loading them from a file

on a TFTP server and are saved on the EEPROM of the chassis. If you import a public key file from

a TFTP server, the file is automatically loaded into the active configuration the next time the device

You must ensure the format be followed before the key is TFTPed to the Brocade device.

The public key may not be effective after download using Linux and Secure CRT. If the file is not

constructed properly, you will receive an error message while loading. You must fix the key files and

load them again.

To cause a public key file called pkeys.txt to be loaded from a TFTP server each time the device is

booted, enter a command such as the following.

BigIron RX(config)# ip ssh pub-key-file tftp 192.168.1.234 pkeys.txt

Syntax: ip ssh pub-key-file tftp | <tftp-server-ip-addr> <filename> [remove]

The <tftp-server-ip-addr> variable is the IP address of the tftp server that contains the public key

file that you want to import into the Brocade device.

BigIron RX Series Configuration Guide

53-1001810-01

The device compares the decrypted bytes to the original bytes it sent to the client. If the two

sets of bytes match, it means that the client's private key corresponds to an authorized public

key, and the client is authenticated.

Configuring SSH

Brocade dcx-4s Brocade dcx

Dell PowerConnect B-RX Configuration Manual page 943

Related Manuals for Dell PowerConnect B-RX

Related Products for Dell PowerConnect B-RX

This manual is also suitable for:

Table of Contents