Configuring a client's host public key manually, Configuring an ssh user, Configuration guidelines – H3C Technologies H3C SecPath F1000-E User Manual
Page 167
156
NOTE:
•
H3C recommends you to configure a client's host public key by importing it from a public key file.
•
You can configure up to 20 client's host public keys on an SSH server.
Configuring a client's host public key manually
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter public key view.
public-key peer keyname N/A
3.
Enter public key code view.
public-key-code begin
N/A
4.
Configure a client's host
public key.
Enter the content of the public key
Spaces and carriage returns are
allowed between characters.
5.
Return from public key code
view to public key view.
public-key-code end
When you exit public key code
view, the system automatically
saves the public key.
6.
Return from public key view to
system view.
peer-public-key end N/A
Importing a client's host public key from a public key file
Step Command
1.
Enter system view.
system-view
2.
Import the public key from a
public key file.
public-key peer keyname import sshkey filename
For more information about client's host public key configuration, see VPN Command Reference.
Configuring an SSH user
This configuration allows you to create an SSH user and specify the service type and authentication
method.
Configuration guidelines
When you perform the procedure in this section to configure an SSH user, follow these guidelines:
•
You can set the service type to Stelnet, SFTP, or all.
•
You can enable one of the following authentication modes for the SSH user:
{
Password—The user must pass password authentication.
{
Publickey authentication—The user must pass publickey authentication.
{
Password-publickey authentication—As an SSH user, the user must pass both password and
publickey authentication. As an SSH1 user, the user must pass either password or publickey
authentication.
{
Any—The user can use either password authentication or publickey authentication.