Ssh Client And Secure Sessions - HP 3500yl Series Access Security Manual

C a u t i o n
N o t e
Syntax: aaa authentication ssh login public-key none
Allows SSH client access only if the switch detects a match
between the client's public key and an entry in the client-
public-key file most recently copied into the switch.
To enable client public-key authentication to block SSH clients whose public
keys are not in the client-public-key file copied into the switch, you must
configure the Login Secondary as none. Otherwise, the switch allows such
clients to attempt access using the switch's Operator password.

SSH Client and Secure Sessions

SSH Client provides a method for establishing a secure session from one HP
switch to another. In addition to providing secure sessions, SFTP is enhanced
to allow bidirectional secure copying of files between a switch and an SFTP
server, initiated from the switch with the copy command. The SFTP server
can be another switch or a workstation/server with a running SSH server that
supports SFTP.
Each switch with the SSH Client feature will have a known hosts file that can
contain the public key from switches and servers that have been determined
to be genuine. New public keys can be added to the known hosts file when
new SSH servers are contacted, up to a maximum of 100 entries (if memory
allows). The known hosts file can also be copied to another switch or to a
server where it can be edited.
You must be in manager context to use this SSH and SFTP feature.
Configuring Secure Shell (SSH)
SSH Client and Secure Sessions
8-31