Users Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

921

922

923

924

925

926

927

928

929

930

Password Authentication : enabled.

Hostbased Authentication : disabled.

RSA Authentication : disabled.

Using RSA Authentication of SSH

The following procedure authenticates an SSH client based on an RSA key using RSA authentication. This method uses SSH version 2.

1 On the SSH client (UNIX machine), generate an RSA key, as shown in the following example.

2 Copy the public key id_rsa.pub to the Dell Networking system.

3 Disable password authentication if enabled.

CONFIGURATION mode

no ip ssh password-authentication enable

4 Enable RSA authentication in SSH.

CONFIGURATION mode

ip ssh rsa-authentication enable

5 Install user’s public key for RSA authentication in SSH.

EXEC Privilege mode

ip ssh rsa-authentication my-authorized-keys flash://public_key

Example of Generating RSA Keys

admin@Unix_client#ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/admin/.ssh/id_rsa):

/home/admin/.ssh/id_rsa already exists.

Overwrite (y/n)? y

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/admin/.ssh/id_rsa.

Your public key has been saved in /home/admin/.ssh/id_rsa.pub.

Conguring Host-Based SSH Authentication

Authenticate a particular host. This method uses SSH version 2.

To congure host-based authentication, use the following commands.

1 Congure RSA Authentication. Refer to Using RSA Authentication of SSH.

2 Create shosts by copying the public RSA key to the le shosts in the directory .ssh, and write the IP address of the host to the le.

cp /etc/ssh/ssh_host_rsa_key.pub /.ssh/shosts

Refer to the rst example.

3 Create a list of IP addresses and usernames that are permitted to SSH in a le called rhosts.

Refer to the second example.

4 Copy the le shosts and rhosts to the Dell Networking system.

5 Disable password authentication and RSA authentication, if congured

CONFIGURATION mode or EXEC Privilege mode

no ip ssh password-authentication or no ip ssh rsa-authentication

6 Enable host-based authentication.

CONFIGURATION mode

ip ssh hostbased-authentication enable

Security

925