Dell PowerEdge FX2/FX2s User Manual

Page 173

Advertising
background image

Example of Generating RSA Keys

admin@Unix_client#ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/admin/.ssh/id_rsa):

/home/admin/.ssh/id_rsa already exists.

Overwrite (y/n)? y

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/admin/.ssh/id_rsa.

Your public key has been saved in /home/admin/.ssh/id_rsa.pub.

Configuring Host-Based SSH Authentication

Authenticate a particular host. This method uses SSH version 2.

To configure host-based authentication, use the following commands.

1.

Configure RSA Authentication. Refer to

Using RSA Authentication of SSH

.

2. Create shosts by copying the public RSA key to the file shosts in the directory .ssh, and write the IP

address of the host to the file.
cp /etc/ssh/ssh_host_rsa_key.pub /.ssh/shosts

Refer to the first example.

3. Create a list of IP addresses and usernames that are permitted to SSH in a file called rhosts.

Refer to the second example.

4. Copy the file shosts and rhosts to the Dell Networking system.
5. Disable password authentication and RSA authentication, if configured

CONFIGURATION mode or EXEC Privilege mode

no ip ssh password-authentication or no ip ssh rsa-authentication

6. Enable host-based authentication.

CONFIGURATION mode

ip ssh hostbased-authentication enable

7. Bind shosts and rhosts to host-based authentication.

CONFIGURATION mode

ip ssh pub-key-file flash://filename or ip ssh rhostsfile flash://filename

Examples of Creating shosts and rhosts

The following example shows creating shosts.

admin@Unix_client# cd /etc/ssh

admin@Unix_client# ls

moduli sshd_config ssh_host_dsa_key.pub ssh_host_key.pub

ssh_host_rsa_key.pub ssh_config ssh_host_dsa_key ssh_host_key

ssh_host_rsa_key

admin@Unix_client# cat ssh_host_rsa_key.pub

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA8K7jLZRVfjgHJzUOmXxuIbZx/

AyWhVgJDQh39k8v3e8eQvLnHBIsqIL8jVy1QHhUeb7GaDlJVEDAMz30myqQbJgXBBRTWgBpLWwL/

doyUXFufjiL9YmoVTkbKcFmxJEMkE3JyHanEi7hg34LChjk9hL1by8cYZP2kYS2lnSyQWk=

Security

173

Advertising
Popular Brands
Popular manuals