Access Security Guide K/KA/KB.15.15

3. Use copy ftp to copy the client public-key file into the switch. Note that the switch can hold
10 keys. The new key is appended to the client public-key file.
4. Use the aaa authentication ssh command to enable client public-key authentication.
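Step 3 says the switch holds at most 10 client public keys, and the guide states elsewhere that the copy command does not verify a key's validity. The following added example (not from the guide) checks a client public-key file on the management workstation before it is copied to the switch: every line must be an RSA or DSA key whose base64 blob encodes the same key type, and the file must not exceed 10 entries. The sample file and its key values are constructed dummies.

```python
import base64
import struct

MAX_CLIENT_KEYS = 10                      # limit stated in the guide
ALLOWED_TYPES = {"ssh-rsa", "ssh-dss"}    # RSA or DSA keys only


def _wire(*fields):
    # SSH wire format: each field as a 4-byte big-endian length plus bytes.
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)


def parse_public_key_line(line):
    # Validate one '<type> <base64> [comment]' line; return (type, comment).
    parts = line.split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type = parts[0]
    comment = parts[2].strip() if len(parts) == 3 else ""
    if key_type not in ALLOWED_TYPES:
        raise ValueError("unsupported key type %s" % key_type)
    blob = base64.b64decode(parts[1], validate=True)  # ValueError if bad
    # The first wire-format string inside the blob must repeat the type.
    if not blob.startswith(_wire(key_type.encode("ascii"))):
        raise ValueError("key type does not match the encoded key blob")
    return key_type, comment


def check_client_key_file(text):
    # Return [(type, comment), ...] or raise ValueError for a bad line or
    # for more keys than the switch can hold.
    keys = []
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            keys.append(parse_public_key_line(line))
        except ValueError as exc:
            raise ValueError("line %d: %s" % (number, exc))
    if len(keys) > MAX_CLIENT_KEYS:
        raise ValueError("%d keys exceed the switch limit of %d" % (len(keys), MAX_CLIENT_KEYS))
    return keys


# Constructed sample: a well-formed ssh-rsa blob with dummy e and n values,
# so the line parses but is not a usable key.
SAMPLE_BLOB = _wire(b"ssh-rsa", b"\x01\x00\x01", b"\x00\xc3\x5b" * 4)
SAMPLE_FILE = ("# manager keys (constructed sample)\nssh-rsa "
               + base64.b64encode(SAMPLE_BLOB).decode() + " admin@client\n")
```

Run the check against the real client public-key file before issuing the copy ftp command, and stop if it raises.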
Copying client key files
Only one ssh client key for authenticating the manager is allowed on a switch. The copy command
lets you copy the client key file using sftp, tftp, usb or xmodem, with sftp providing
encryption and authentication through SSH. There is no way to generate the private key on the
switch; it must be copied onto the switch.
To load the client's private key onto the switch, use one of the following commands.
Syntax:
copy sftp ssh-client-key [ user <username | username@> ] <hostname | IPv4 | IPv6> <private-key-filename> [ port <tcp-port-num> ]
copy tftp ssh-client-key <hostname | IPv4 | IPv6> <private-key-filename>
copy usb ssh-client-key <private-key-filename>
copy xmodem ssh-client-key
Copies the client key file <private-key-filename> onto the switch.
ssh-client-key
The client key file being copied to the switch. The file must contain an RSA or DSA
key.
[ user <username | username@> ]
Optional. Usernames must be configured for the operator and manager.
If no username is specified, the client's current username is used. There will be
a prompt for a password if needed.
hostname
Specifies the hostname of the SFTP or TFTP server.
IPv4
Specifies the SFTP or TFTP server's IPv4 address.
IPv6
Specifies the SFTP or TFTP server's IPv6 address.
<private-key-filename>
The remote filename containing the key.
[ port <tcp-port-num> ]
TCP port of the SSH server on the remote system.
The copied private key is stored in the ssh directory of the switch file system and is persistent across
switch reboots. After the initial copying is complete, the client key can be overwritten by repeating
the copy command. No verification of the validity of the key is done when executing the copy
command.
Copying the SSH-Client-Known-Hosts file
Replacing or appending the SSH-client-known-hosts file
There is one SSH client known hosts file per switch, stored in the ssh directory of the switch file
system. The SSH client known hosts file can be overwritten or appended using the commands