The HP documentation is there.

  • Up to 10 id_rsa.pub ssh keys can be put on a /tftp/sw.pub file on dns-sx-01.
  • On the switch, enter the following commands :
    • crypto key generate ssh
    • ip ssh
    • copy tftp pub-key-file 10.128.16.5 sw.pub manager
    • aaa authentication ssh enable public-key none (this allow to login as manager)
    • write memory

A user who has his RSA public key in sw.pub can now connect with ssh without password to the switch.

ssh sw-xxxx-xx 

So we should disable telnet with the command no telnet-server (check that ssh works before). We have the same problem for web access, but read-only web access could be nice to have a quick view of the switch. I tried to set Radius Server as enable authentication method. It now asks for username/password when trying to do some admin task with web access and, as we don't have any radius server, it fails. So this seems to be ok.

-- LoicBrarda - 28 Nov 2007 -- GuomingLiu - 08 Apr 2008

Edit | Attach | Watch | Print version | History: r4 < r3 < r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r4 - 2008-04-15 - GuomingLiu
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    LHCb All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback