Avocent CPS1610 CPS User Manual
Page 32
26
CPS Installer/User Guide
For more information, see Using Authentication Modes and Encryption in
this chapter.
SSH user keys
A user’s SSH key is specified in a User Add or User Set command. You may
define a key even if SSH is not currently enabled. The key can be specified in
one of two ways:
•
When using the SSHKEY and FTPIP keyword pair to defi ne the network
location of a user’s SSH key fi le, the SSHKEY parameter specifi es the
name of the uuencoded (Unix to Unix encoded) public key fi le on an FTP
server. The maximum fi le size that can be received is 4K bytes. The FTPIP
parameter specifi es the FTP server’s IP address.
When this method is specifi ed, the CPS initiates an FTP client request
to the specifi ed IP address. The CPS then prompts the user for an FTP
username and password for connection. When connected, the CPS will
GET the specifi ed key fi le and the FTP connection will be closed. The CPS
then stores the SSH key with the username in the CPS user database.
•
When using the KEY keyword to specify the SSH key, the KEY param-
eter specifi es the actual uuencoded SSH key. This is for confi gurations
that do not implement an FTP server. The CPS stores the specifi ed key
in the CPS user database.
The CPS processes a uuencoded SSH2 public key file with the format described
in the IETF document draft-ietf-secshpublickeyfile-02. The key must follow all
format requirements. The UNIX ssh-keygen2 generates this file format. The
CPS also processes a uuencoded SSH1 public key file. The UNIX ssh-keygen
generates this file format.
To enable SSH session access to the CPS:
1.
Issue a Show Server Security command to ensure that you are using an
authentication method other than None.
SHOW SERVER SECURITY
2.
Issue a Server SSH command with the Enable parameter. You may also
specify an authentication method.
SERVER SSH ENABLE AUTH=<auth>
If an authentication method is not specifi ed, the previous authentication
parameter will be used. The default value is AUTH=PW.
3.
If you are enabling SSH for the fi rst time, you are advised that all other
CPS sessions will be terminated. Enter Y to continue or N to cancel.