Reference Guide

Configuring outgoing SSH authentication
After the allowed-user is configured, the remaining setup steps must be completed by the allowed-user.
Use the following procedure to configure outgoing SSH authentication.
1. Log in to the switch as the default admin.
2. Change the allowed-user’s permissions to admin, if applicable.
switch:admin> userconfig --change username -r admin
The username variable is the name of the user who can perform SSH public key authentication, and who can import, export, and delete keys.
3. Set up the allowed-user by typing the following command:
switch:admin> sshutil allowuser username
The username variable is the name of the user who can perform SSH public key authentication, and who can import, export, and delete keys.
4. Generate a key pair for switch-to-host (outgoing) authentication by logging in to the switch as the allowed-user and entering the sshUtil genkey command.
You may enter a passphrase for additional security.
Example of generating a key pair on the switch
switch:alloweduser> sshutil genkey
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Key pair generated successfully.
5. Export the public key to the host by logging in to the switch as the allowed-user and entering the sshUtil exportpubkey command to export the key.
Example of exporting a public key from the switch
switch:alloweduser> sshutil exportpubkey
Enter IP address:192.168.38.244
Enter remote directory:~auser/.ssh
Enter login name:auser
Password:
public key out_going.pub is exported successfully.
6. Append the public key to a remote host by logging in to the remote host, locating the directory where authorized keys are stored, and appending the public key to the file.
You may need to refer to the host’s documentation to locate where the authorized keys are stored.
7. Test the setup by using a command that uses SCP and authentication, such as firmwareDownload or configUpload.
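For step 6 on a host running OpenSSH, the append can be scripted as below. This is an added example, not part of the Brocade guide: the function name append_switch_key is hypothetical, and it assumes the exported out_going.pub is a single-line OpenSSH-format public key and that the host honors the authorized_keys from= option.

```shell
#!/bin/sh
# Added example (not from the Brocade guide): append the switch's exported
# public key to an OpenSSH authorized_keys file on the remote host.
#
# append_switch_key PUBKEY_FILE AUTHORIZED_KEYS [SWITCH_IP]
#   Returns 0 if the key was appended or is already present,
#   1 if the key file is rejected or the target cannot be prepared.
# Typical call on the host from the page's example (switch address assumed):
#   append_switch_key ~auser/.ssh/out_going.pub ~auser/.ssh/authorized_keys <switch-ip>
append_switch_key() {
    pub=$1
    auth=$2
    src=${3:-}

    [ -f "$pub" ] || { echo "no such file: $pub" >&2; return 1; }

    # A public key file is exactly one non-empty line; a multi-line file
    # (for example a private key copied by mistake) is rejected.
    [ "$(grep -c . "$pub")" -eq 1 ] || { echo "expected one key line" >&2; return 1; }
    key=$(grep . "$pub")

    # Accept only lines that start with a public key type.
    case $key in
        ssh-rsa\ *|ssh-dss\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not an OpenSSH public key" >&2; return 1 ;;
    esac

    # Optionally restrict the key so it is accepted only from the switch.
    if [ -n "$src" ]; then
        key="from=\"$src\" $key"
    fi

    # sshd ignores authorized_keys when the directory or file is too open.
    dir=$(dirname "$auth")
    mkdir -p "$dir" || return 1
    chmod 700 "$dir" || return 1
    touch "$auth" || return 1
    chmod 600 "$auth" || return 1

    # Idempotent: append only if this exact line is not already there.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}
```

Pinning the key with from= matters most when the key pair was generated with an empty passphrase, since the address restriction then limits where a copied private key can be used.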
Deleting public keys on the switch
Use the following procedure to delete public keys from the switch.
1. Connect to the switch and log in using an account with admin permissions.
2. Use the sshUtil delpubkeys command to delete public keys.
Configuring Protocols
Brocade Fabric OS Administration Guide, 8.0.1
53-1004111-02