beautypg.com

Configuring an ssh user – H3C Technologies H3C S12500-X Series Switches User Manual

Page 186

background image

174

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter public key view.

public-key peer keyname N/A

3.

Configure a client's host
public key.

Enter the content of the host public
key

When you enter the contents for a
host public key, you can use

spaces and carriage returns

between characters. When you
save the host public key, spaces

and carriage returns are removed

automatically.
For more information, see

"

882H

Managing public keys

."

4.

Return to system view.

peer-public-key end N/A

To import a client's host public key from a public key file:

Step Command

1.

Enter system view.

system-view

2.

Import a client's public key
from a public key file.

public-key peer keyname import sshkey filename

269B

Configuring an SSH user

To configure an SSH user that uses publickey authentication, perform the procedure in this section.
If the authentication method is publickey, you must create an SSH user and a local user on the server. To

get the correct working directory and user role, the local user must have the same username as the SSH

user.
If the authentication method is password-publickey or any, you must create an SSH user, and configure

a local user account by using the local-user command for local authentication, or configure an SSH user

account on an authentication server, for example, a RADIUS server, for remote authentication. In either

case, the local user or the SSH user configured for remote authentication must have the same username
as the SSH user.
For the authentication method is password, you do not need to perform the procedure in this section to

configure them unless you want to use the display ssh user-information command to display all SSH

users, including the password-only SSH users, for centralized management. If such an SSH user has been
created, make sure you have specified the correct service type and authentication method.

494B

Configuration guidelines

When you perform the procedure in this section to configure an SSH user, follow these guidelines:

An SSH server supports up to 1024 SSH users.

For an SFTP or SCP user, the working directory depends on the authentication method:

{

If the authentication method is password, the working directory is authorized by AAA.

{

If the authentication method is publickey or password-publickey, the working folder is specified
by the authorization-attribute command in the associated local user view.

For an SFTP or Stelnet user, the user role also depends on the authentication method:

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: