R3166-R3206-HP High-End Firewalls System Management and Maintenance Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

171

172

173

174

175

176

177

178

179

180

171

• password-publickey: Specifies that SSH2 clients perform both password authentication and

publickey authentication and that SSH1 clients perform either type of authentication.

• publickey: Performs publickey authentication.

assign publickey keyname: Assigns an existing public key to an SSH user. keyname indicates the name

of the client public key and is a string of 1 to 64 characters.

work-directory directory-name: Specifies the working folder for an SFTP user. directory-name indicates

the name of the working folder and is a string of 1 to 135 characters.

Description

Use the ssh user command to create an SSH user and specify the service type and authentication

method.

Use the undo ssh user command to delete an SSH user.

For a publickey authentication user, you must configure the username and the public key on the device.

For a password authentication user, you can configure the account information on either the device or the

remote authentication server such as a RADIUS server.

If you use the ssh user command to configure a public key for a user who has already had a public key,

the new one overwrites the old one.

Authentication method and public key configuration takes effect only for users logging in after the

configuration.

If an SFTP user has been assigned a public key, it is necessary to set a working folder for the user.

The working folder of an SFTP user is subject to the user authentication method. For a user using only

password authentication, the working folder is the AAA authorized one. For a user using only publickey

authentication or using both the publickey and password authentication methods, the working folder is

the one set by using the ssh user command.

Related commands: display ssh user-information.

Examples

# Create an SSH user named user1, setting the service type as sftp, the authentication method as

publickey, the work folder of the SFTP server as flash, and assigning a public key named key1 to the

user.

<Sysname> system-view

[Sysname] ssh user user1 service-type sftp authentication-type publickey assign publickey

key1 work-directory flash:

SSH2.0 client configuration commands

display ssh client source

Syntax

display ssh client source

View

Any view

Default level

1: Monitor level