2196
C
HAPTER
142: SSH2.0 C
ONFIGURATION
C
OMMANDS
■
For a publickey authentication user, you must configure the username and the
public key on the device. For a password authentication user, you can configure
the account information on either the device or the remote authentication
server such as a RADIUS server.
■
If you use the
ssh user
command to configure a public key for a user who has
already had a public key, the new one overwrites the old one.
■
The new public key takes effect when the user logs in next time.
■
If an SFTP user has been assigned a public key, it is necessary to set a working
folder for the user.
■
The working folder of an SFTP user is subject to the user authentication
method. For a user using only password authentication, the working folder is
the AAA authorized one. For a user using only publickey authentication or
using both the publickey and password authentication methods, the working
folder is the one set by using the
ssh user
command.
Related command:
display ssh user-information
.
Example
# Create an SSH user named
user1
, and specify the service type as
sftp
, the
authentication method as
publickey
, the work folder of the SFTP server as
flash
,
and assign a public key named
key1
to the user.
<Sysname> system-view
[Sysname] ssh user user1 service-type sftp athentication-type public
key assign publickey key1 work-directory flash:
ssh2
Syntax
ssh2
server
[
port-number
] [
identity-key
{
dsa
|
rsa
} |
prefer-ctos-cipher
{
3des
|
aes128
|
des
} |
prefer-ctos-hmac
{
md5
|
md5-96
|
sha1
|
sha1-96
} |
prefer-kex
{
dh-group-exchange
|
dh-group1
|
dh-group14
} |
prefer-stoc-cipher
{
3des
|
aes128
|
des
} |
prefer-stoc-hmac
{
md5
|
md5-96
|
sha1
|
sha1-96
} ] *
View
User view
Parameter
server
: IPv4 address or name of the server, a string of 1 to 20 characters.
port-number
: Port number of the server, in the range 0 to 65535. The default is
22.
identity-key
: Specifies the algorithm for publickey authentication, either
dsa
or
rsa
. The default is
dsa
.
prefer-ctos-cipher
: Preferred encryption algorithm from client to server, defaulted
to
aes128
.
■
3des
: Encryption algorithm 3des-cbc.
■
aes128
: Encryption algorithm aes128-cbc
■
des
: Encryption algorithm des-cbc.
Summary of Contents for MSR 20-20
Page 110: ......
Page 130: ...130 CHAPTER 4 ATM OC 3C STM 1 INTERFACE CONFIGURATION COMMANDS...
Page 141: ...141 Sysname system view Sysname interface atm 5 0 Sysname Atm5 0 shdsl wire 4 auto enhanced...
Page 142: ...142 CHAPTER 5 G SHDSL INTERFACE CONFIGURATION COMMANDS...
Page 150: ...150 CHAPTER 6 ADSL INTERFACE CONFIGURATION COMMANDS...
Page 174: ...174 CHAPTER 8 GENERAL ETHERNET INTERFACE CONFIGURATION COMMANDS...
Page 186: ...186 CHAPTER 9 CONFIGURATION COMMANDS FOR ETHERNET INTERFACES IN BRIDGE MODE...
Page 288: ...288 CHAPTER 17 FUNDAMENTAL CT3 INTERFACE CONFIGURATION COMMANDS...
Page 290: ...290 CHAPTER 18 ISDN BRI INTERFACE CONFIGURATION COMMANDS...
Page 336: ...336 CHAPTER 20 DCC CONFIGURATION COMMANDS...
Page 418: ...418 CHAPTER 24 GVRP CONFIGURATION COMMANDS...
Page 502: ...502 CHAPTER 30 PORT MIRRORING CONFIGURATION COMMANDS...
Page 532: ...532 CHAPTER 32 PPP LINK EFFICIENCY MECHANISM CONFIGURATION COMMANDS...
Page 538: ...538 CHAPTER 33 PPPOE SERVER CONFIGURATION COMMANDS...
Page 548: ...548 CHAPTER 35 PPP DEBUGGING COMMANDS...
Page 596: ...596 CHAPTER 37 ISDN CONFIGURATION COMMANDS...
Page 630: ...630 CHAPTER 38 MSTP CONFIGURATION COMMANDS...
Page 638: ...638 CHAPTER 39 VLAN CONFIGURATION COMMANDS...
Page 652: ...652 CHAPTER 41 VOICE VLAN CONFIGURATION COMMANDS...
Page 670: ...670 CHAPTER 44 LOGICAL INTERFACE CONFIGURATION COMMANDS...
Page 688: ...688 CHAPTER 45 CPOS INTERFACE CONFIGURATION COMMANDS...
Page 696: ...696 CHAPTER 46 ARP CONFIGURATION COMMANDS...
Page 728: ...728 CHAPTER 51 DHCP SERVER CONFIGURATION COMMANDS...
Page 742: ...742 CHAPTER 52 DHCP RELAY AGENT CONFIGURATION COMMANDS...
Page 746: ...746 CHAPTER 53 DHCP CLIENT CONFIGURATION COMMANDS...
Page 750: ...750 CHAPTER 54 DHCP SNOOPING CONFIGURATION COMMANDS...
Page 772: ...772 CHAPTER 57 DNS CONFIGURATION COMMANDS...
Page 786: ...786 CHAPTER 59 IP ADDRESSING CONFIGURATION COMMANDS...
Page 806: ...806 CHAPTER 60 IP PERFORMANCE CONFIGURATION COMMANDS...
Page 818: ...818 CHAPTER 61 IP UNICAST POLICY ROUTING CONFIGURATION COMMANDS...
Page 822: ...822 CHAPTER 62 UDP HELPER CONFIGURATION COMMANDS...
Page 824: ...824 CHAPTER 63 URPF CONFIGURATION COMMANDS...
Page 828: ...828 CHAPTER 64 FAST FORWARDING COMMANDS...
Page 880: ...880 CHAPTER 67 DUAL STACK CONFIGURATION COMMANDS...
Page 888: ...888 CHAPTER 68 TUNNELING CONFIGURATION COMMANDS...
Page 928: ...928 CHAPTER 70 TERMINAL ACCESS CONFIGURATION COMMANDS...
Page 1014: ...1014 CHAPTER 72 BGP CONFIGURATION COMMANDS...
Page 1088: ...1088 CHAPTER 74 IS IS CONFIGURATION COMMANDS...
Page 1106: ...1106 CHAPTER 75 IS IS DEBUGGING COMMANDS...
Page 1212: ...1212 CHAPTER 79 IPV4 ROUTING POLICY CONFIGURATION COMMANDS...
Page 1268: ...1268 CHAPTER 82 IPV6 BGP CONFIGURATION COMMANDS...
Page 1324: ...1324 CHAPTER 85 IPV6 RIPNG CONFIGURATION COMMANDS...
Page 1364: ...1364 CHAPTER 88 IGMP CONFIGURATION COMMANDS...
Page 1430: ...1430 CHAPTER 90 PIM CONFIGURATION COMMANDS...
Page 1504: ...1504 CHAPTER 93 IPV6 PIM CONFIGURATION COMMANDS...
Page 1644: ...1644 CHAPTER 96 MPLS TE CONFIGURATION COMMANDS...
Page 1670: ...1670 CHAPTER 97 MPLS L2VPN CONFIGURATION COMMANDS...
Page 1742: ...1742 CHAPTER 101 IPSEC PROFILE CONFIGURATION COMMANDS...
Page 1774: ...1774 CHAPTER 105 TRAFFIC POLICING TP CONFIGURATION COMMANDS...
Page 1778: ...1778 CHAPTER 106 TRAFFIC SHAPING CONFIGURATION COMMANDS...
Page 1782: ...1782 CHAPTER 107 LINE RATE CONFIGURATION COMMANDS...
Page 1807: ...1807 Sysname system view Sysname qos policy user1 Sysname qospolicy user1...
Page 1808: ...1808 CHAPTER 110 DEFINING POLICY COMMANDS...
Page 1810: ...1810 CHAPTER 111 FIFO QUEUING CONFIGURATION COMMANDS...
Page 1836: ...1836 CHAPTER 116 RTP PRIORITY QUEUE CONFIGURATION COMMANDS...
Page 1838: ...1838 CHAPTER 117 QOS TOKEN CONFIGURATION COMMANDS...
Page 1842: ...1842 CHAPTER 118 PRIORITY MAPPING TABLE CONFIGURATION COMMANDS...
Page 1844: ...1844 CHAPTER 119 PORT PRIORITY CONFIGURATION COMMANDS...
Page 1852: ...1852 CHAPTER 121 WRED CONFIGURATION COMMANDS...
Page 1860: ...1860 CHAPTER 123 MPLS QOS CONFIGURATION COMMANDS...
Page 1874: ...1874 CHAPTER 124 DAR CONFIGURATION COMMANDS...
Page 1947: ...1947 Sysname system view Sysname local user user1 Sysname luser user1 work directory cf...
Page 1948: ...1948 CHAPTER 127 AAA CONFIGURATION COMMANDS...
Page 1990: ...1990 CHAPTER 129 HWTACACS CONFIGURATION COMMANDS...
Page 2008: ...2008 CHAPTER 131 ASPF CONFIGURATION COMMANDS...
Page 2080: ...2080 CHAPTER 135 PORTAL CONFIGURATION COMMANDS...
Page 2086: ...2086 CHAPTER 137 COMMON CONFIGURATION COMMANDS...
Page 2102: ...2102 CHAPTER 138 IPV4 ACL CONFIGURATION COMMANDS...
Page 2118: ...2118 CHAPTER 139 IPV6 ACL CONFIGURATION COMMANDS...
Page 2200: ...2200 CHAPTER 142 SSH2 0 CONFIGURATION COMMANDS...
Page 2314: ...2314 CHAPTER 152 NTP CONFIGURATION COMMANDS...
Page 2328: ...2328 CHAPTER 153 RMON CONFIGURATION COMMANDS...
Page 2350: ...2350 CHAPTER 154 SNMP CONFIGURATION COMMANDS...
Page 2368: ...2368 CHAPTER 156 CONFIGURATION FILE MANAGEMENT COMMANDS...
Page 2390: ...2390 CHAPTER 158 FTP CLIENT CONFIGURATION COMMANDS...
Page 2396: ...2396 CHAPTER 159 TFTP CLIENT CONFIGURATION COMMANDS...
Page 2484: ...2484 CHAPTER 165 MAC ADDRESS TABLE MANAGEMENT CONFIGURATION COMMANDS...
Page 2646: ...2646 CHAPTER 174 DIAL PLAN CONFIGURATION COMMANDS...
Page 2710: ...2710 CHAPTER 178 SIP CONFIGURATION COMMANDS...
Page 2720: ...2720 CHAPTER 179 VOFR CONFIGURATION COMMANDS...