Step 4
Specify the SSH public key in Open SSH format.
switch(config)# username User1 sshkey ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAIEAri3mQy4W1AV9Y2t2hrEWgbUEYz
CfTPO5B8LRkedn56BEy2N9ZcdpqE6aqJLZwfZcTFEzaAAZp9AS86dgBAjsKGs7UxnhGySr8ZELv+DQBsDQH6rZt0KR+2Da8hJD4Z
XIeccWk0gS1DQUNZ300xstQsYZUtqnx1bvm5Ninn0McNinn0Mc=
Step 5
Save the configuration.
switch(config)# copy running-config startup-config
Configuring X.509v3 Certificate-Based SSH Authentication
You can configure SSH authentication using X.509v3 certificates.
Before You Begin
Enable the SSH server on the remote device.
Procedure
PurposeCommand or Action
Enters global configuration mode.configure terminal
Example:
switch# configure terminal
switch(config)#
Step 1
Configures a user account. The user-id argument is a
case-sensitive, alphanumeric character string with a
username user-id [password [0 | 5]
password]
Step 2
maximum length of 28 characters. Valid characters are
Example:
switch(config)# username jsmith
password 4Ty18Rnt
uppercase letters A through Z, lowercase letters a through
z, numbers 0 through 9, hyphen (-), period (.), underscore
(_), plus sign (+), and equal sign (=). The at symbol (@)
is supported in remote usernames but not in local
usernames.
Usernames must begin with an underscore (_), which is
supported starting with Cisco NX-OS Release 7.0(3)I2(2),
or an alphanumeric character.
The default password is undefined. The 0 option indicates
that the password is clear text, and the 5 option indicates
that the password is encrypted. The default is 0 (clear
text).
If you do not specify a password, the user might
not be able to log in to the Cisco NX-OS device.
Note
If you create a user account with the encrypted
password option, the corresponding SNMP user
will not be created.
Note
Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
68
Configuring SSH and Telnet
Configuring X.509v3 Certificate-Based SSH Authentication
To Next Page
Loading...
