Configuring A Client's Host Public Key - HP 3600 v2 Series Configuration Manual
Hide thumbs
Also See for 3600 v2 Series:
- Command reference manual (510 pages) ,
- Configuration manual (441 pages) ,
- Security configuration manual (398 pages)
Table of Contents
Advertisement
Configuration guidelines
If you configure a user interface to support SSH, be sure to configure the corresponding
•
authentication mode with the authentication-mode scheme command.
•
For a user interface configured to support SSH, you cannot change the authentication mode. To
change the authentication mode, undo the SSH support configuration first.
Configuration procedure
To configure the protocols for a user interface to support:
Step
1.
Enter system view.
2.
Enter user interface view of
one or more user interfaces.
3.
Set the login authentication
mode to scheme.
4.
Configure the user interfaces
to support SSH login.
For more information about the authentication-mode and protocol inbound commands, see
Fundamentals Command Reference.
Configuring a client's host public key
This configuration task is only necessary for SSH users using publickey authentication.
To allow an SSH user to pass publickey authentication and log in to the server, you must configure the
client's DSA, RSA, or ECDSA host public key on the server, and configure the client to use the
corresponding host private key, so that the server uses the digital signature to authenticate the client.
You can manually configure the public key of an SSH client on the server, or import it from the public key
file:
•
Configure it manually—You can type or copy the public key to the SSH server. The public key must
have not been converted and be in the Distinguished Encoding Rules (DER) encoding format.
•
Import it from the public key file—During the import process, the server will automatically convert
the public key in the public key file to a string in Public Key Cryptography Standards (PKCS) format,
and save it locally. Before importing the public key, you must upload the public key file (in binary)
to the server through FTP or TFTP.
NOTE:
HP recommends you to configure a client public key by importing it from a public key file.
For more information about client public key configuration, see
Configuring a client public key manually
Step
1.
Enter system view.
Command
system-view
user-interface vty number
[ ending-number ]
authentication-mode scheme
protocol inbound { all | ssh }
Command
system-view
309
Remarks
N/A
N/A
By default, the authentication
mode is password.
Optional.
All protocols are supported by
default.
"Managing public
keys."
Remarks
N/A
Advertisement
Table of Contents
Troubleshooting
