1-25
System View: return to User View with Ctrl+Z.
[Sysname] rsa peer-public-key 123 import sshkey abc
ssh authentication-type default
Syntax
ssh authentication-type default { all | password | password-publickey | publickey | rsa }
undo ssh authentication-type default
View
System view
Parameters
all
: Specifies either the password authentication or the publickey authentication for SSH users.
password
: Specifies the authentication mode for SSH users as password authentication.
password-publickey
: Specifies that both the password and the publickey must be authenticated for
SSH users.
publickey
: Specifies the authentication mode for the SSH user as publickey (RSA key or DSA key )
authentication.
rsa
: Specifies the authentication mode for the SSH user as publickey (RSA key or DSA key )
authentication. The authentication modes specified by the
rsa
keyword and
publickey
keyword are
implemented in the same way.
Description
Use the
ssh authentication-type default
command to specify a default authentication mode for SSH
users. After this command is configured, when an SSH user is added by using the
ssh user
command,
the default authentication mode is adopted for the user if no authentication mode is specified by using
the
ssh user authentication-type
command.
Use the
undo ssh authentication-type default
command to remove the specified default
authentication mode. That is, no default authentication mode is specified for SSH users. In this case,
when an SSH user is added, you must specify an authentication mode for the user at the same time.
By default, no default authentication mode is specified.
The differences between password authentication, publickey authentication, and password-publickey
authentication are:
z
Password authentication is vulnerable to attacks.
z
Publickey authentication provides more secure SSH connections than password authentication
does. The mode is easy to use and prevents illegal operations such as malicious password guess.
After the configuration, the subsequent authentications are implemented automatically without
asking you to enter the password.
z
Password-publickey authentication takes the advantages of both password authentication and
publickey authentication. An SSH user must pass both types of authentication before logging in.
The combination of password and publickey authentications eliminates the vulnerability of the SSH
server caused by the clients. You can use password-publickey authentication together with AAA for
authentication and authorization of users.
Related commands:
display ssh user-information
.
Summary of Contents for 5500-EI PWR
Page 43: ...2 6...
Page 76: ...1 17...
Page 228: ...ii stp transmit limit 1 44 vlan mapping modulo 1 45 vlan vpn tunnel 1 46...
Page 477: ...5 24 Sysname vlan 2 Sysname vlan2 service type multicast...
Page 503: ...2 3 System View return to User View with Ctrl Z Sysname dot1x url http 192 168 19 23...
Page 519: ...iii...
Page 597: ...2 2 security policy server 192 168 0 1 user name format without domain...
Page 648: ...1 9 Examples Clear static ARP entries Sysname reset arp static...
Page 663: ...4 3 Sysname resilient arp interface vlan interface 2...
Page 767: ...1 28 From 12 00 Jan 1 2008 to 12 00 Jun 1 2008...
Page 1111: ...ii xmodem get 3 18...
Page 1314: ...A 44 Z...