R3303-HP HSR6800 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution

321

322

323

324

325

326

327

328

329

330

311

You can configure up to 20 SSH client public keys on an SSH server.

For more information about client public key configuration, see "Managing public keys."

Configuring a client public key manually

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enter public key view.

public-key peer keyname N/A

3. Enter public key code view.

public-key-code begin N/A

4. Configure a client's host

public key.

Enter the content of the host public

key

Spaces and carriage returns are

allowed between characters.

5. Return to public key view and

save the configured host

public key.

public-key-code end

When you exit public key code

view, the system automatically

saves the public key.

6. Return to system view.

peer-public-key end N/A

Importing a client public key from a public key file

Ste

Command

1. Enter system view.

system-view

2. Import the public key from a

public key file.

public-key peer keyname import sshkey filename

Configuring an SSH user

If the authentication method is publickey, you must perform the procedure in this section.

If the authentication method is password or password-publickey, you must configure a local user account

by using the local-user command for local authentication, or configure an SSH user account on an

authentication server, for example, a RADIUS server, for remote authentication. For more information

about the local-user command, see Security Command Reference.

If the authentication method is password, you do not need to perform the procedure in this section to

configure them unless you want to use the display ssh user-information command to display all SSH

users, including the password-only SSH users, for centralized management.

Configuration guidelines

• You can set the service type to Stelnet, SFTP, or SCP.

• You can enable one of the following authentication modes for the SSH user:

{ Password—The user must pass password authentication.

{ Publickey authentication—The user must pass publickey authentication.

{ Password-publickey authentication—As an SSH2.0 user, the user must pass both password and

publickey authentication. As an SSH1 user, the user must pass either password or publickey

authentication.

{ Keyboard-interactive—The user must pass keyboard-interactive authentication.