Concept Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

771

772

773

774

775

776

777

778

779

780

ip ssh rsa-authentication enable

5 Install user’s public key for RSA authentication in SSH.

EXEC Privilege Mode

ip ssh rsa-authentication username username my-authorized-keys flash://public_key

If you provide the username, the Dell EMC Networking OS installs the public key for that specic user. In case, no user is associated

with the current logged-in session, the system displays the following error message.

NOTE: If no user is associated with the current logged-in session, the system displays the following error message. %

Error: No username set for this term.

Example of Generating RSA Keys

admin@Unix_client#ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/admin/.ssh/id_rsa):

/home/admin/.ssh/id_rsa already exists.

Overwrite (y/n)? y

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/admin/.ssh/id_rsa.

Your public key has been saved in /home/admin/.ssh/id_rsa.pub.

Conguring Host-Based SSH Authentication

Authenticate a particular host. This method uses SSH version 2.

To congure host-based authentication, use the following commands.

1 Congure RSA Authentication. Refer to Using RSA Authentication of SSH.

2 Create shosts by copying the public RSA key to the le shosts in the directory .ssh, and write the IP address of the host to the le.

cp /etc/ssh/ssh_host_rsa_key.pub /.ssh/shosts

Refer to the rst example.

3 Create a list of IP addresses and usernames that are permitted to SSH in a le called rhosts.

Refer to the second example.

4 Copy the le shosts and rhosts to the Dell EMC Networking system.

5 Disable password authentication and RSA authentication, if congured

CONFIGURATION mode or EXEC Privilege mode

no ip ssh password-authentication or no ip ssh rsa-authentication

6 Enable host-based authentication.

CONFIGURATION mode

ip ssh hostbased-authentication enable

7 Bind shosts and rhosts to host-based authentication.

CONFIGURATION mode

ip ssh pub-key-file flash://filename or ip ssh rhostsfile flash://filename

Examples of Creating

shosts

and

rhosts

The following example shows creating shosts.

admin@Unix_client# cd /etc/ssh

admin@Unix_client# ls

moduli sshd_config ssh_host_dsa_key.pub ssh_host_key.pub

780

Security