Manualshelf

Reference Guide

ManualsBrandsDell ManualsserversDell Force10 E600i
871872873874875876877878879880
880 | Security
www.dell.com | support.dell.com
Host-based SSH Authentication
Authenticate a particular host. This method uses SSH version 2.
To configure host-based authentication:
5 Bind the public keys to RSA authentication. ip ssh rsa-authentication
my-authorized-keys flash://
public_key
EXEC Privilege
Step Task Command Syntax Command Mode
1 Configure RSA Authentication. Refer to RSA Authentication of SSH, above.
2 Create shosts by copying the public
RSA key to the to the file shosts in the
diretory .ssh, and write the IP address
of the host to the file.
cp /etc/ssh/ssh_host_rsa_key.pub /.ssh/shosts
admin@Unix_client# cd /etc/ssh
admin@Unix_client# ls
moduli sshd_config ssh_host_dsa_key.pub ssh_host_key.pub
ssh_host_rsa_key.pub ssh_config ssh_host_dsa_key ssh_host_key
ssh_host_rsa_key
admin@Unix_client# cat ssh_host_rsa_key.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA8K7jLZRVfjgHJzUOmXxuIbZx/
AyWhVgJDQh39k8v3e8eQvLnHBIsqIL8jVy1QHhUeb7GaDlJVEDAMz30myqQbJgXBBRTWgBpLWwL/
doyUXFufjiL9YmoVTkbKcFmxJEMkE3JyHanEi7hg34LChjk9hL1by8cYZP2kYS2lnSyQWk=
admin@Unix_client# ls
id_rsa id_rsa.pub shosts
admin@Unix_client# cat shosts
10.16.127.201, ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA8K7jLZRVfjgHJzUOmXxuIbZx/AyW
hVgJDQh39k8v3e8eQvLnHBIsqIL8jVy1QHhUeb7GaDlJVEDAMz30myqQbJgXBBRTWgBpLWwL/
doyUXFufjiL9YmoVTkbKcFmxJEMkE3JyHanEi7hg34LChjk9hL1by8cYZP2kYS2lnSyQWk=
3 Create a list of IP addresses and usernames that are permitted to SSH in a file called rhosts, as shown in the
following example.
admin@Unix_client# ls
id_rsa id_rsa.pub rhosts shosts
admin@Unix_client# cat rhosts
10.16.127.201 admin
4 Copy the file shosts and rhosts to the Dell Force10 system.
5 Disable password authentication and
RSA authentication, if configured
no ip ssh password-authentication
no ip ssh rsa-authentication
CONFIGURATION
EXEC Privilege
6 Enable host-based authentication. ip ssh hostbased-authentication enable CONFIGURATION
7 Bind shosts and rhosts to host-based
authentication.
ip ssh pub-key-file flash://filename
ip ssh rhostsfile flash://filename
CONFIGURATION
Step Task Command Syntax Command Mode