PurposeCommand or Action
switch# configure terminal
switch(config)#
Enables or disables the SCP server on the Cisco NX-OS
device.
[no] feature scp-server
Example:
Step 2
switch(config)# feature scp-server
Enables or disables the SFTP server on the Cisco NX-OS
device.
Required: [no] feature sftp-server
Example:
Step 3
switch(config)# feature sftp-server
Exits global configuration mode.Required: exit
Example:
Step 4
switch(config)# exit
switch#
Displays the configuration status of the SCP and SFTP
servers.
(Optional) show running-config security
Example:
Step 5
switch# show running-config security
Copies the running configuration to the startup
configuration.
(Optional) copy running-config startup-config
Example:
Step 6
switch# copy running-config startup-config
Configuring X.509v3 Certificate-Based SSH Authentication
You can configure SSH authentication using X.509v3 certificates.
Before you begin
Enable the SSH server on the remote device.
SUMMARY STEPS
1. configure terminal
2. username user-id [password [0 | 5] password]
3. username user-id ssh-cert-dn dn-name {dsa | rsa}
4. [no] crypto ca trustpoint trustpoint
5. crypto ca authenticate trustpoint
6. (Optional) crypto ca crl request trustpoint bootflash:static-crl.crl
7. (Optional) show crypto ca certificates
8. (Optional) show crypto ca crl trustpoint
9. (Optional) show user-account
10. (Optional) show users
11. (Optional) copy running-config startup-config
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
139
Configuring SSH and Telnet
Configuring X.509v3 Certificate-Based SSH Authentication
To Next Page
Loading...
