Filter
Top Products
2196 CHAPTER 142: SSH2.0 CONFIGURATION COMMANDS
■ For a publickey authentication user, you must configure the username and the
public key on the device. For a password authentication user, you can configure
the account information on either the device or the remote authentication
server such as a RADIUS server.
■ If you use the ssh user command to configure a public key for a user who has
already had a public key, the new one overwrites the old one.
■ The new public key takes effect when the user logs in next time.
■ If an SFTP user has been assigned a public key, it is necessary to set a working
folder for the user.
■ The working folder of an SFTP user is subject to the user authentication
method. For a user using only password authentication, the working folder is
the AAA authorized one. For a user using only publickey authentication or
using both the publickey and password authentication methods, the working
folder is the one set by using the ssh user command.
Related command: display ssh user-information.
Example # Create an SSH user named user1, and specify the service type as sftp, the
authentication method as publickey, the work folder of the SFTP server as flash,
and assign a public key named key1 to the user.
<Sysname> system-view
[Sysname] ssh user user1 service-type sftp athentication-type public
key assign publickey key1 work-directory flash:
ssh2
Syntax ssh2 server [ port-number ] [ identity-key { dsa | rsa } | prefer-ctos-cipher { 3des |
aes128 | des } | prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 } | prefer-kex
{ dh-group-exchange | dh-group1 | dh-group14 } | prefer-stoc-cipher { 3des |
aes128 | des } | prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 }] *
View User view
Parameter server: IPv4 address or name of the server, a string of 1 to 20 characters.
port-number: Port number of the server, in the range 0 to 65535. The default is
22.
identity-key: Specifies the algorithm for publickey authentication, either dsa or
rsa. The default is dsa.
prefer-ctos-cipher: Preferred encryption algorithm from client to server, defaulted
to aes128.
■ 3des: Encryption algorithm 3des-cbc.
■ aes128: Encryption algorithm aes128-cbc
■ des: Encryption algorithm des-cbc.