Configuring Secure Shell (SSH)
Messages Related to SSH Operation
With login rsa local configured, a switch that has no Operator-level password
blocks public-key access by SSH clients whose private keys do not match a
public key in the switch’s client-public-key file.
Caution: To enable client public-key authentication to block SSH clients whose
public keys are not in the client-public-key file copied into the switch, you
must configure the Login Secondary as none. Otherwise, the switch allows such
clients to attempt access using the switch’s Operator password.
Syntax:

    aaa authentication ssh login rsa none

        Allows SSH client access only if the switch detects a match between
        the client’s public key and an entry in the client-public-key file
        most recently copied into the switch.

    aaa authentication ssh login rsa local

        Allows SSH client access if there is a public key match (see above)
        or if the client’s user enters the switch’s login (Operator) password.
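
A configuration check for the caution above, added here as an example that is not part of the original manual: it scans saved switch configuration text for the aaa authentication ssh login line and reports whether the Operator password is accepted as a fallback. The function names, the sample configurations, the assumption that the command appears verbatim in the saved configuration, and the choice to let the last matching line decide are all assumptions of this example.

```python
import re

# Command form shown on this page:
#   aaa authentication ssh login <primary> <secondary>
SSH_LOGIN_RE = re.compile(
    r"^\s*aaa\s+authentication\s+ssh\s+login\s+(\S+)(?:\s+(\S+))?\s*$",
    re.IGNORECASE,
)

def audit_ssh_login(config_text):
    """Classify the SSH login method found in switch configuration text.

    Returns (status, detail) where status is one of:
      "key-only"           rsa none: only keys in the client-public-key file
      "password-fallback"  rsa local: the Operator password is also accepted
      "unrecognized"       a form this page does not describe
      "absent"             no such line, so the effective setting is unknown
    """
    found = None
    for line in config_text.splitlines():
        m = SSH_LOGIN_RE.match(line)
        if m:
            # Assumption: if the line occurs more than once, the last one decides.
            found = (m.group(1).lower(), (m.group(2) or "").lower(), line.strip())
    if found is None:
        return ("absent", "no 'aaa authentication ssh login' line found")
    primary, secondary, raw = found
    if primary == "rsa" and secondary == "none":
        return ("key-only", raw)
    if primary == "rsa" and secondary == "local":
        return ("password-fallback", raw)
    return ("unrecognized", raw)

# Constructed sample configurations (not captured from a real switch).
SAMPLES = {
    "sw-a": "hostname sw-a\naaa authentication ssh login rsa none\n",
    "sw-b": "hostname sw-b\n  AAA Authentication SSH Login RSA Local  \n",
    "sw-c": "hostname sw-c\n",
    "sw-d": "hostname sw-d\naaa authentication ssh login rsa\n",
}

def report(samples):
    """Map each switch name to its audit status."""
    return {name: audit_ssh_login(text)[0] for name, text in samples.items()}

if __name__ == "__main__":
    for name, status in report(SAMPLES).items():
        print(f"{name}: {status}")
```
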

Message: 00000K Peer unreachable.

Meaning: Indicates an error in communicating with the TFTP server or not
finding the file to download. Causes include such factors as:
• Incorrect IP configuration on the switch
• Incorrect IP address in the command
• Case (upper/lower) error in the filename used in the command
• Incorrect configuration on the TFTP server
• The file is not in the expected location.
• Network misconfiguration
• No cable connection to the network