beautypg.com

Asus GigaX2024SX User Manual

Page 206

background image

77413098022737087794545 24083971752646358058176716709574804776117

3.

public-key

command to copy a file containing the public key for all the SSH client’s granted

ess to the switch. (Note that these clients must be configured

locally on the switch via the User Accounts page as described on page 3-48) The

uently authenticated using these keys. The current firmware

only

iles based on standard UNIX format as shown in the

xample for an RSA Version 1 key :


1024351341081685609893921040944920155425347631641921872958921143

9408386863110929123222682851925437460310

2902978982721353267131629432532818915045306393916643steve


4. Set the Optional Parameters – Set ot
au
5.

er command to enable the SSH

llenge-Response Authentication – When an SSH client attempts

the host key pair to negotiate a session

d. Only clients that have a private key corresponding to

an gain access. The following exchanges

during this process:

ts public key to the switch.

ory.

dom

tes, and sends this string to the client.

s its private key to decrypt the bytes, and sends the

ck to the switch.

pares the decrypted bytes to the original bytes it sent. If the

match, this means that the client's private key corresponds to an

authorized public key, and the client is authenticated.


Note: To use SSH with only password authentication, the host public key must
still be given to the client, either during initial connection or manually entered into
the known host file. However, you do not need to configure the client’s keys.
ip ssh server
Use this command to enable the Secure Shell (SSH) server on this switch. Use
the no form to disable this service.

Syntax

ip ssh server
no ip ssh server

Import Client’s Public Key to the Switch – Use the copy tftp

management acc

clients are subseq

accepts public key f

following e

173880055536161631051775
0937187721199696317813662774141689851320491172048303392543241016
3799759237144901193800609025394840848271781943722884025331159521
3486102
@192.168.1.19

her optional parameters, including the

thentication timeout, the number of retries, and the server key size.

Enable SSH Service – Use the ip ssh serv

se
6. Configure Cha

rver on the switch.

to contact the switch, the SSH server uses
key and encryption metho
the public keys stored on the switch c
ta e place

k

a. The client sends i
b. The switch compares the client's public key to those stored in mem

found, the switch uses the public key to encrypt a ran

c. If a match is
se

e of by

quenc

d. The client use
decrypted bytes ba

witch com

e. The s
two sets

4-38

See also other documents in the category Asus Communication: