Manualshelf

SSH Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
241242243244245246247248249250
By providing a username and a public key
By other means, such as Kerberos or X.509 certificates
When operating as a daemon, SSH2 currently supports the following authentication methods:
password (RFC 4252)
The password sent by the client is verified against the SYSTEM-USER’s password contained in the NonStop
system user base.
Publickey (RFC 4252)
keyboard-interactive (RFC 4256)
The client is prompted for a password, which is verified against the SYSTEM-USER’s password contained in
the NonStop system user base.
gssapi-with-mic, gssapi-keyex (RFC 4462)
These methods are used for Kerberos authentication.
The same authentication methods are also supported when SSH2 is operating as a client. The following sections provide
an overview of the publickey user authentication method.
Publickey client logon when operating as daemon
(KEYPAIR2) The public key of the client is configured in the user database with the PUBLICKEY FILE or
PUBLICKEY FINGERPRINT property of a USER entity of the SSH user database. (please see chapter "The SSH User
Database" for details).
To find out the fingerprint of an existing public key on a remote system, please refer to the documentation of the sftp
implementation you use. The following example shows how to display the fingerprint with the ssh-keygen and the "-l"
option utility in OpenSSH:
T:\>ssh-keygen -l
Enter file in which the key is (/home/comf.burgt/.ssh/id_rsa):
1024 5c:16:2f:95:fe:0e:1e:97:15:98:0f:ba:ae:32:c3:67 /home/comf.burgt/.ssh/id_rsa.pub
T:\>
The fingerprint to be configured on the NonStop system is highlighted in bold.
Publickey client logon when operating as client
The public key of the remote system is configured using the KNOWNHOST entity of the user database using the
CLIENT mode of the SSHCOM command interpreter.
(KEYPAIR4) The private key used to log on the partner system is configured using the KEY entity of the user database
using the CLIENT mode of the SSHCOM command interpreter. The public key to be configured on the remote system
can be displayed using the INFO KEY command or exported into a file using the EXPORT KEY command.
244 SSH Protocol Reference HP NonStop SSH Reference Manual