335
and carriage returns are removed
automatically.
For more information, see
"Managing public keys."
4. Return to system view.
peer-public-key
end
N/A
Importing the client's host public key from the public key file
Before you import the host public key, upload the client's public key file (in binary) to the server, for
example, through FTP or TFTP. During the import process, the server automatically converts the
host public key in the public key file to a string in PKCS format.
To import a client's host public key from the public key file:
1. Enter system view.
system-view
2. Import a client's
from a public key file.
public-key peer
keyname
import sshkey
filename
Configuring an SSH user
Configure an SSH user and a local user depending on the authentication method.
• If the authentication method is publickey, you must create an SSH user and a local user on the
SSH server. The two users must have the same username, so that the SSH user can be
assigned the correct working directory and user role.
• If the authentication method is password, you must perform one of the following tasks:
ï‚¡ For local authentication, configure a local user on the SSH server.
ï‚¡ For remote authentication, configure an SSH user on a remote authentication server, for
example, a RADIUS server.
You do not need to create an SSH user by using the ssh user command. However, if you want
to display all SSH users, including the password-only SSH users, for centralized management,
you can use this command to create them. If such an SSH user has been created, make sure
you have specified the correct service type and authentication method.
• If the authentication method is password-publickey or any, you must create an SSH user and
perform one of the following tasks:
ï‚¡ For local authentication, configure a local user on the SSH server.
ï‚¡ For remote authentication, configure an SSH user on a remote authentication server, for
example, a RADIUS server.
In either case, the local user or the SSH user configured on the remote authentication server
must have the same username as the SSH user.
Configuration guidelines
When you configure an SSH user, follow these restrictions and guidelines:
• An SSH server supports up to 1024 SSH users.
• For an SFTP or SCP user, the working directory depends on the authentication method.
ï‚¡ If the authentication method is password, the working directory is authorized by AAA.
ï‚¡ If the authentication method is publickey or password-publickey, the working folder is
specified by the authorization-attribute command in the associated local user view.
• For an SSH user, the user role also depends on the authentication method.
To Next Page
Loading...
Need help?
General