308
Configuration procedure
To configure an SSH user and specify the service type and authentication method:
Ste
Command Remarks
1. Enter system
view.
system-view N/A
2. Create an SSH
user, and
specify the
service type
and
authentication
method.
• For Stelnet users:
{ In non-FIPS mode:
ssh user username service-type stelnet authentication-type
{ password | { any | password-publickey | publickey } assign
publickey keyname }
{ In FIPS mode:
ssh user username service-type stelnet authentication-type
{ password | password-publickey assign publickey keyname }
• For all users, SCP or SFTP users:
{ In non-FIPS mode:
ssh user username service-type { all | scp | sftp }
authentication-type { password | { any | password-publickey |
publickey } assign publickey keyname work-directory
directory-name }
{ In FIPS mode:
ssh user username service-type { all | scp | sftp }
authentication-type { password | password-publickey assign
publickey keyname work-directory directory-name }
Use one of
the
commands
.
Setting the SSH management parameters
SSH management includes:
• Enabling the SSH server to be compatible with SSH1 client
• Setting the RSA server key pair update interval, applicable to users using SSH1 client
• Setting the SSH user authentication timeout period
• Setting the maximum number of SSH authentication attempts
Setting these parameters can help avoid malicious guessing at and cracking of the keys and usernames,
securing your SSH connections.
IMPORTANT:
uthentication fails if the number of authentication attempts (including both publickey and password
authentication) exceeds that specified in the ssh server authentication-retries command.
To set the SSH management parameters:
Ste
Command
Remarks
1. Enter system view.
system-view N/A
To Next Page
Loading...
Need help?
General
