Dell 6.2 Server User Manual


  Open as PDF
of 869
 
626 | ManagementAccess DellPowerConnectW-SeriesArubaOS6.2 | User Guide
a. Under Management Users, click Add.
b. Select Certificate Management.
c. Select WebUI Certificate.
d. Enter the username.
e. Select the user role assigned to the user upon validation of the client certificate
f. Enter the serial number for the client certificate.
g. Select the name of the CA that issued the client certificate.
h. Click Apply.
In the CLI
web-server
mgmt-auth certificate
switch-cert <certificate>
mgmt-user webui-cacert <ca> serial <number> <username> < role>
Enabling Public Key Authentication for SSH Access
The controller allows public key authentication of users accessing the controller using SSH. (The default is for
username/password authentication.) When you import an X.509 client certificate into the controller, the certificate
is converted to SSH-RSA keys. When you enable public key authentication for SSH, the controller validates the
client’s credentials with the imported public keys. You can specify public key authentication only, or public key
authentication with username/password (if the public key authentication fails, the user can login with a configured
username and password).
To use public key authentication, you must do the following:
1. Import the X.509 client certificate into the controller using the WebUI, as described in "Importing Certificates"
on page 637
2. Configure SSH for client public key authentication. You can optionally also select username/password
authentication.
3. Configure the username, role and client certificate.
In the WebUI
1. Navigate to the Configuration > Management > General page.
2. Under SSH (Secure Shell) Authentication Method, select Client Public Key. You can optionally select
Username/Password to use both username/password and public key authentication for SSH access.
3. Click Apply.
4. To configure the user, navigate to the Configuration > Management > Administration page.
a. Under Management Users, click Add.
b. Select Certificate Management.
c. Select SSH Public Key.
NOTE: ArubaOS recommends that the username and role for SSH be the same as for the WebUI Certificate. You can optionally use
the checkbox to copy the username and role from the Web Certificate section to the SSH Public Key section.
d. Enter the username.
e. Select the management role assigned to the user upon validation of the client certificate.
 previous next