Configuring incoming SSH authentication
- Log in to your remote host.
Generate a key pair for host-to-switch (incoming) authentication by verifying that SSH v2 is installed and working (refer to your host’s documentation as necessary) by entering the following command:
ssh-keygen -t rsa
The following example generates RSA/DSA key pair.
anyuser@mymachine: ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/users/anyuser/.ssh/id_rsa ): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /users/anyuser/.ssh/id_rsa. Your public key has been saved in /users/anyuser/.ssh/id_rsa.pub. The key fingerprint is: 32:9f:ae:b6:7f:7e:56:e4:b5:7a:21:f0:95:42:5c:d1 anyuser@mymachine
Import the public key to the switch by logging in to the switch as any user with the admin role and entering the
sshUtil importpubkey command to import the key.
The following example adds the public key to the switch.
switch:anyuser> sshutil importpubkey Enter user name for whom key is imported: aswitchuser Enter IP address:192.168.38.244 Enter remote directory:~auser/.ssh Enter public key name(must have .pub suffix):id_rsa.pub Enter login name:auser Password: Public key is imported successfully.
- Test the setup by logging in to the switch from a remote device, or by running a command remotely using SSH.