V. configuring a client public key for a user, Configuring a, Client public key for a – H3C Technologies H3C S3100 Series Switches User Manual

Operation Manual – SSH Terminal Service

H3C S3100-52P Ethernet Switch

Chapter 1 SSH Terminal Service

1-8

V. Configuring a client public key for a user

On the switch, you can configure a client public key (generated randomly on a client) for
a client user. This configuration is not required for password authentication type.
There are two methods to configure a client public key for a user.
1) Manual

configuration

First, perform the following operations on a client:

z

Use the SSH2.0 client software to randomly generate a RSA key pair.

z

Use the SSHKEY.exe program to transform the public key in the RSA key pair to
PKCS (public-key cryptography standards) format.

Then, perform the following operations on the server:

Table 1-6

Configure client public key for a user

Operation

Command

Description

Enter system view

system-view

—

Enter public key view

rsa peer-public-key
key-name

Required

Enter public key edit

view to input a client

public key

public-key-code
begin

When you input the key data,

spaces are allowed between the

characters you input (because the

system can remove the spaces

automatically); you can also press

to continue your input at

the next line. But the key you input

should be a hexadecimal digit

string coded in the public key

format.

Return to public key

view from public key

edit view

public-key-code
end

The system saves the public key

data you input when exiting public

key edit view.

Return to system

view from public key

view

peer-public-key

end —

Assign a client public

key to an SSH user

ssh user username

assign rsa-key

keyname

Required
Keyname

is the name of an

existing public key. If the user has

already been assigned with a

public key, the newly assigned

public key overwrites the old one.