i
Table of Contents
1 SSH Configuration·····································································································································1-1
SSH Overview·········································································································································1-1
Introduction to SSH ·························································································································1-1
Algorithm and Key ···························································································································1-1
SSH Operating Process ··················································································································1-2
SSH Server and Client ····························································································································1-4
Configuring the SSH Server····················································································································1-5
Configuring the User Interfaces for SSH Clients·············································································1-6
Configuring the SSH Management Functions ·················································································1-7
Configuring Key Pairs······················································································································1-8
Creating an SSH User and Specifying an Authentication Type ······················································1-9
Specifying a Service Type for an SSH User on the Server···························································1-10
Configuring the Public Key of a Client on the Server ····································································1-11
Assigning a Public Key to an SSH User························································································1-12
Exporting the Host Public Key to a File ·························································································1-12
Configuring the SSH Client ···················································································································1-13
SSH Client Configuration Task List ·······························································································1-13
Configuring an SSH Client that Runs SSH Client Software ··························································1-13
Configuring an SSH Client Assumed by an SSH2-Capable Switch··············································1-19
Displaying and Maintaining SSH Configuration ····················································································1-21
Comparison of SSH Commands with the Same Functions ··································································1-22
SSH Configuration Examples ···············································································································1-23
When Switch Acts as Server for Local Password Authentication ·················································1-23
1.1.1 When Switch Acts as Server for Password and RADIUS Authentication ····························1-25
1.1.2 When Switch Acts as Server for Password and HWTACACS Authentication ·····················1-30
When Switch Acts as Server for Publickey Authentication ···························································1-32
When Switch Acts as Client for Password Authentication ····························································1-38
When Switch Acts as Client for Publickey Authentication·····························································1-39
When Switch Acts as Client and First-Time Authentication is not Supported·······························1-41