H3C Technologies H3C WX6000 Series Access Controllers User Manual
Page 614
64-9
To do…
Use the command…
Remarks
Enter system view
system-view
—
For stelnet
users
ssh user username service-type stelnet
authentication-type
{ password | { any |
password-publickey
| publickey } assign
publickey
keyname }
Create an SSH
user, and
specify the
service type
and
authentication
method
For all users or
sftp users
ssh user username service-type
{ all | sftp }
authentication-type
{ password | { any |
password-publickey
| publickey } assign
publickey
keyname work-directory
directory-name
}
Required
Use either
command.
z
After passing AAA authentication, an AAA user without SSH user account still can log on to the
server using password authentication and Stelnet or SFTP service.
z
An SSH server supports up to 1024 SSH users.
z
The service type of an SSH user can be Stelnet or SFTP. stelnet, or the secure Telnet protocol,
refers to the traditional SSH service. For information about stelnet, refer to
. sftp
represents the secure FTP protocol. For information about sftp, refer to
z
For successful login through SFTP, you must set the user service type to sftp or all.
z
You can set the service type of an SSH user to stelnet or all if the user does not need SFTP
service.
z
As SSH1 does not support service type sftp, if the client uses SSH1 to log in to the server, you
must set the service type to stelnet or all on the server. Otherwise, the client will fail to log in
successfully.
z
The working folder of an SFTP user is subject to the user authentication method. For a user using
only password authentication, the working folder is the AAA authorized one. For a user using only
publickey authentication or using both the publickey and password authentication methods, the
working folder is the one set by using the ssh user command.
z
The configured authentication method takes effect when the user logs in next time.