HP (Hewlett-Packard) 2500 Switch User Manual


 
81
Enhancements in Release F.04.08
Configuring Secure Shell (SSH)
keys by default, check the application software for a key conversion utility or use a third-party key
conversion utility.
Figure 28. Example of Public Key in PEM-Encoded ASCII Format Common for SSHv2 Clients
Figure 29. Example of Public Key in Non-Encoded ASCII Format (Common for SSHv1 Client Applications)
Steps for Configuring and Using SSH for Switch and Client
Authentication
For two-way authentication between the switch and an SSH client, you must use the login (Operator)
level.
Table 7. SSH Options
Switch
Access
Level
Primary SSH
Authentication
Authenticate
Switch Public Key
to SSH Clients?
Authenticate
Client Public Key
to the Switch?
Primary Switch
Password
Authentication
Secondary Switch
Password
Authentication
Operator
(Login)
Level
ssh login rsa Yes Yes
1
No
1
local or none
ssh login Local Yes No Yes local or none
ssh login TACACS Yes No Yes local or none
ssh login RADIUS Yes No Yes local or none
Manager
(Enable)
Level
ssh enable local Yes No Yes local or none
ssh enable tacacs Yes No Yes local or none
ssh enable radius Yes No Yes local or none
1
For ssh login rsa, the switch uses client public-key authentication instead of the switch password
options for primary authentication.
Comment describing
public key identity.
Beginning of actual SSHv2 public
key in PEM-Encoded ASCII format.
Key Size Key Size
Modulus