Table of Contents
Advertisement
To do...
Enter system view
Create an
SSH user,
and specify
the service
type and
authentication
mode
A user without an SSH account can still pass password authentication and log into the server
through Stelnet or SFTP, as long as the user can pass AAA authentication and the service type is
SSH.
An SSH server supports up to 1024 SSH users.
The service type of an SSH user can be Stelnet (Secure Telnet) or SFTP (Secure FTP). For
information about Stelnet, refer to
Overview.
For successful login through SFTP, you must set the user service type to sftp or all.
As SSH1 does not support service type sftp, if the client uses SSH1 to log into the server, you
must set the service type to stelnet or all on the server. Otherwise, the client will fail to log in.
The working folder of an SFTP user is subject to the user authentication method. For a user using
only password authentication, the working folder is the AAA authorized one. For a user using only
publickey authentication or using both the publickey and password authentication methods, the
working folder is the one set by using the ssh user command.
The configured authentication method takes effect only for users logging in after the configuration.
For users using publickey authentication:
You must configure on the device the corresponding username and public keys.
After login, the commands available for a user are determined by the user privilege level, which is
configured with the user privilege level command on the user interface.
For users using password authentication:
You can configure the accounting information either on the device or on the remote authentication
server (such as RADIUS authentication server).
After login, the commands available to a user are determined by AAA authorization.
Setting the SSH Management Parameters
SSH management includes:
system-view
ssh user username service-type stelnet
For Stelnet
authentication-type { password | { any |
users
password-publickey | publickey } assign
publickey keyname }
ssh user username service-type { all | sftp }
authentication-type { password | { any |
For all users
password-publickey | publickey } assign
or SFTP users
publickey keyname work-directory
directory-name }
SSH2.0
Use the command...
Overview. For information about SFTP, refer to
8-8
Remarks
—
Required
Use either
command.
SFTP
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
