beautypg.com

Configuring a client public key, Configuring a client public key manually – H3C Technologies H3C SecPath F1000-E User Manual

Page 62

background image

6

Follow these steps to configure the protocols for the current user interface to support:

To do…

Use the command…

Remarks

Enter system view

system-view

Enter user interface view of one or

more user interfaces

user-interface vty number

[ ending-number ]

Set the login authentication mode
to scheme

authentication-mode scheme

Required
By default, the authentication
mode is password.

Configure the user interface(s) to
support SSH login

protocol inbound { all | ssh }

Optional
All protocols are supported by
default.

NOTE:

For more information about the authentication-mode and protocol inbound commands, see

User

Interface Commands in the System Volume.

If you configure a user interface to support SSH, be sure to configure the corresponding authentication
mode with the authentication-mode scheme command.

For a user interface configured to support SSH, you cannot change the authentication mode. To change
the authentication mode, undo the SSH support configuration first.

Configuring a Client Public Key

NOTE:

This configuration task is only necessary for SSH users using publickey authentication.

For each SSH user that uses publickey authentication to login, you must configure the client’s DSA or RSA

host public key on the server, and configure the client to use the corresponding private key.
To configure the public key of an SSH client, you can:

Configure it manually: You can input or copy the public key to the SSH server. The public key must
have not been converted and be in the distinguished encoding rules (DER) encoding format.

Import it from the public key file: During the import process, the system will automatically convert the
public key to a string coded using the Public Key Cryptography Standards (PKCS). Before importing

the public key, you must upload the public key file (in binary) to the local host through FTP or TFTP.

CAUTION:

You are recommended to configure a client public key by importing it from a public key file.

You can configure at most 20 client public keys on an SSH server.

Configuring a client public key manually

Follow these steps to configure the client public key manually:

To do…

Use the command…

Remarks

Enter system view

system-view

Enter public key view

public-key peer keyname

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: