R2511-HP MSR Router Series Security Command Reference(V5)

ManualsBrandsHP ManualsNetwork HardwareHP MSR1003-8 AC Router

431

432

433

434

435

436

437

438

439

440

421

ssh user

Use ssh user to create an SSH user and specify the service type and authentication method.

Use undo ssh user to delete an SSH user.

Syntax

In non-FIPS mode:

ssh user username service-type stelnet authentication-type { password | { any | password-publickey |

publickey } assign { pki-domain pkiname | publickey keyname } }

ssh user username service-type { all | scp | sftp } authentication-type { password | { any |

password-publickey | publickey } assign { pki-domain pkiname | publickey keyname } work-directory

directory-name }

undo ssh user username

In FIPS mode:

ssh user username service-type stelnet authentication-type { password | password-publickey assign

publickey keyname }

ssh user username service-type { all | sftp } authentication-type { password | password-publickey

assign publickey keyname work-directory directory-name }

undo ssh user username

Views

System view

Default command level

3: Manage level

Parameters

username: Specifies an SSH username, a case-sensitive string of 1 to 80 characters.

service-type: Specifies the service type of an SSH user:

• all: Specifies Stelnet, SFTP, and SCP.

• scp: Specifies the service type as SCP.

• sftp: Specifies the service type as SFTP.

• stelnet: Specifies the service type as Stelnet.

authentication-type: Specifies the authentication method of an SSH user:

• password: Performs password authentication. This authentication method features easy and fast

encryption, but it is vulnerable. It can work with AAA to implement user authentication,

authorization, and accounting.

• any: Performs either password authentication or publickey authentication. This method is not

supported in FIPS mode.

• password-publickey: Performs both password authentication and publickey authentication

(featuring higher security) if the client runs SSH2, and performs either type of authentication if the

client runs SSH1.

• publickey: Performs publickey authentication. This authentication method has the complicated and

slow encryption, but it provides strong authentication that can defend against brute-force attacks.

This authentication method is easy to use. If this method is configured, the authentication process