Configuring A Client's Host Public Key - HP 10500 Series Configuration Manual

Step
4. Configure the user interface to
support SSH login.

Configuring a client's host public key

During publickey authentication, when a client directly sends the public key to the server for validity
check, the server first compares the SSH username and host public key that it receives from the client with
those saved locally. If the information is consistent, it examines the digital signature that the client sends.
The digital signature is calculated by the client according to the private key that corresponds to the host
public key.
You must configure the client's DSA or RSA host public key on the server, and specify the corresponding
host private key on the client to generate the digital signature, so that the client can pass publickey
authentication with correct digital signature. If the device serves as a client, corresponding host private
key is specified by the specified public key algorithm.
You can manually configure the public key of an SSH client on the server, or import it from the public key
file:
• Configure it manually—Type or copy the client host public key on the client to the SSH server. The
host public key must be in the DER encoding format, which has not been converted.
Import it from the public key file—Upload the client's host public key file (in binary) to the server,
•
for example, through FTP or TFTP, and import the uploaded file to the server. During the import
process, the server automatically converts the public key in the public key file to a string in PKCS
format.
Manually configured client host public keys must be in the specified format. If you use the device to act
as the client, you can use the display public-key local public command to view the host public key and
copy its contents to the server. A host public key obtained in other ways might be in incorrect format and
cannot be saved on the server. HP recommends that you configure a client public key by importing it from
a public key file.
NOTE:
This configuration task is only necessary if publickey authentication is configured for users.
•
• You can configure up to 20 SSH client public keys on an SSH server.
Configuring a client public key manually
Step
1. Enter system view.
2. Enter public key view.
3. Enter public key code view.
4. Configure a client's host
public key.
Command
protocol inbound { all | ssh }
Command
system-view
public-key peer keyname
public-key-code begin
Enter the content of the host public
key
205
Remarks
Optional.
By default, Telnet and SSH are
supported.
For more information about this
command, see Fundamentals
Command Reference.
Remarks
N/A
N/A
N/A
Spaces and carriage returns are
allowed between characters.