Fabric OS Command Reference
953
53-1001764-01
sshUtil
2
genkey
Generates an RSA private/public key pair on the local switch. This option can be
performed only by a configured user. This option enables authentication for
outgoing connections from the switch to a remote host. You must export the public
key to a remote host to complete the setup. For incoming connections, the
private/public key must first be generated on the remote host by issuing
ssh-genkey -t dsa
(a UNIX command), and then importing the public key from
the remote host to the switch using the
sshutil import
command.
genkey
prompts for user input on the following parameters:
passphrase
Accepts a string of arbitrary length. This operand is optional, but creating a pass
phrase is strongly recommended. A strong pass phrase is 10-30 characters long,
fairly complex and difficult to guess. and contains a mix of upper and lowercase
letters, numbers, and nonalphanumeric characters. There is no way to recover a
lost pass phrase. If the pass phrase is lost, a new key must be generated and
copied to the corresponding public key to other machines.
exportpubkey
Exports the public key from the switch to a specified remote host to support
outgoing connections from the switch to a remote host. This option can only be
performed by a configured user. The successfully exported public key must be
appended to the authorized_keys file on the remote host. Use the
cat
~/.ssh/outgoing.pub >> ~/.ssh/authorized_keys
command to append the file.
exportpubkey
prompts for IP Address, remote directory, login name and
password. Refer to
importpubkey
for a description of these parameters.
delprivkey
Deletes the private key for outgoing connection from the switch. This option can
only be performed by a configured user. Deletion of a configured user's private
keys effectively blocks outgoing connections initiated by this user that rely on
public key authentication with a remote host.
help
Displays the command usage.
EXAMPLES
To configure a user for public key authentication:
switch:admin>
sshutil allowuser username
Allowed user has been successfully changed to username.
To display the configured user:
switch:admine>
sshutil showuser
username
To set up SSH public key authentication on a switch for incoming connections:
1.
Generate a private/public key pair on a remote host (accept default directory and file name):
username@remotehost>
ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key \
(/users/home/username/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
passphrase
Enter same passphrase again:
passphrase
Your identification has been saved in \
Содержание Fabric OS v7.0.1
Страница 1: ...53 1002447 01 15 December 2011 Fabric OS Command Reference Supporting Fabric OS v7 0 1 ...
Страница 6: ...vi Fabric OS Command Reference 53 1002447 01 ...
Страница 30: ...4 Fabric OS Command Reference 53 1002447 01 Using the command line interface 1 ...
Страница 118: ...92 Fabric OS Command Reference 53 1001764 01 ceePortLedTest 22 ceePortLedTest DESCRIPTION See portLedTest SEE ALSO None ...
Страница 270: ...244 Fabric OS Command Reference 53 1001764 01 exit 22 exit DESCRIPTION See logout SEE ALSO None ...
Страница 1132: ...1106 Fabric OS Command Reference 53 1002447 01 General Fabric OS commands and permissions A ...