Installation & Operation Manual 390 Document # LTRT-92224
Mediant 8000
33.18.8 Password-less Access to the CLI Interface
The Mediant 8000 may be configured to perform CLI user authentication based on
the RSA or DSA private/public key pair. When such authentication is enabled, users
are granted access to the Mediant 8000 CLI without the need to interactively enter a
password.
Note: Password-less access is only supported when you connect to the CLI
interface via the SSH protocol.
In order to enable RSA or DSA private/public key based authentication, take the
following steps:
Generate a RSA or DSA private/public key pair for the SSH client.
Transfer the generated public key to the Mediant 8000 and authorize its use for a
specific CLI user.
Verify that the password-less login works, by starting the SSH client software and
using the generated private key for authentication.
RSA keys are generally considered to be stronger than DSA keys. Therefore if your
SSH client application supports both authentication mechanisms, it is recommended
to generate RSA keys.
RSA or DSA private/public key authentication may be configured to be the only valid
authentication scheme for a specific CLI user. However, this configuration may not be
applied to root and ems users who are utilized by the EMS server.
33.18.8.1 Generating a Private/Public Key Pair
An RSA or DSA private/public key pair must be generated on the SSH client. The
exact procedures for key generation may differ, depending on the SSH client software
used – therefore if the below procedures do not work, refer to your SSH client
documentation.
If you use standard Linux/UNIX command-line SSH client software:
1. Log in to your client machine with the same credentials (username / password)
that you will be using for starting the SSH client.
2. To generate an RSA key, type ssh-keygen –t rsa at the prompt.
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
To Next Page
Loading...
Need help?
General
