DSA authentication access level and file name

The following table lists the access levels and file names that you must use to store the SSHv2 client authentication information using DSA onto the switch that acts as the SSHv2 server.

Table 1. DSA authentication access levels and file names

Client key format or WSM

Access level

File name

Client key in non IETF and IETF format with enhanced secure mode disabled

Note:

The switch supports IETF and non-IETF for DSA.

RWA

/intflash/.ssh/dsa_key_rwa

RW

/intflash/.ssh/dsa_key_rw

RO

/intflash/.ssh/dsa_key_ro

L3

/intflash/.ssh/dsa_key_rwl3

L2

/intflash/.ssh/dsa_key_rwl2

L1

/intflash/.ssh/dsa_key_rwl1

Client key in enhanced secure mode

administrator

/intflash/.ssh/dsa_key_admin

operator

/intflash/.ssh/dsa_key_operator

security

/intflash/.ssh/dsa_key_security

privilege

/intflash/.ssh/dsa_key_priv

auditor

/intflash/.ssh/dsa_key_auditor

The switch generates an RSA public and private server key pair. The public part of the key for RSA is stored in /intflash/.ssh/ssh_key_rsa_pub.key. If an RSA key pair does not exist, then the switch automatically generates one when you enable the SSH server. To authenticate a client using RSA, the administrator must copy the public part of the client RSA key to the switch.