The following table lists the access levels and file names that you must use to store the SSHv2 client authentication information using DSA onto the switch that acts as the SSHv2 server.
Client key format or WSM |
Access level |
File name |
---|---|---|
Client key in non IETF and IETF format with enhanced secure mode disabled Note:
The switch supports IETF and non-IETF for DSA. |
RWA |
/intflash/.ssh/dsa_key_rwa |
RW |
/intflash/.ssh/dsa_key_rw |
|
RO |
/intflash/.ssh/dsa_key_ro |
|
L3 |
/intflash/.ssh/dsa_key_rwl3 |
|
L2 |
/intflash/.ssh/dsa_key_rwl2 |
|
L1 |
/intflash/.ssh/dsa_key_rwl1 |
|
Client key in enhanced secure mode |
administrator |
/intflash/.ssh/dsa_key_admin |
operator |
/intflash/.ssh/dsa_key_operator |
|
security |
/intflash/.ssh/dsa_key_security |
|
privilege |
/intflash/.ssh/dsa_key_priv |
|
auditor |
/intflash/.ssh/dsa_key_auditor |
The switch generates an RSA public and private server key pair. The public part of the key for RSA is stored in /intflash/.ssh/ssh_key_rsa_pub.key. If an RSA key pair does not exist, then the switch automatically generates one when you enable the SSH server. To authenticate a client using RSA, the administrator must copy the public part of the client RSA key to the switch.