ssh install-user-key

Import DSA and RSA Private or Public Keys.

Syntax

Command Parameters

WORD<1-15> {rwa | rw | ro | rwl1 | rwl2 | rwl3, enhanced-secured mode : admin | operator | auditor | security | priv }

Specifies the user access level.

You must enable SSH globally before you can generate SSH DSA user keys.

If enhanced secure mode is disabled, the valid user access levels for the switch are:

  • rwa — Specifies read-write-all.

  • rw — Specifies read-write.

  • ro — Specifies read-only.

  • rwl1 — Specifies read-write for Layer 1.

  • rwl2 — Specifies read-write for Layer 2.

  • rwl3 — Specifies read-write for Layer 3.

If you enable enhanced secure mode, the switch uses role-based authentication. You associate each username with a specific role and the appropriate authorization rights to commands based on that role.

If enhanced secure mode is enabled, the valid user access levels for the switch are:

  • admin—Specifies a user role with access to all of the configurations, show commands, and the ability to view the log file and security commands. The administrator role is the highest level of user roles.

  • operator—Specifies a user role with access to all of the configurations for packet forwarding on Layer 2 and Layer 3, and has access to show commands to view the configuration, but cannot view the audit logs and cannot access security and password commands.

  • auditor—Specifies a user role that can view log files and view all configurations, except password configuration.

  • security—Specifies a user role with access only to security settings and the ability to view the configurations.

  • priv—Specifies a user role with access to all of the commands that the administrator has access to, and is referred to as an emergency-admin. However, the user with the privilege role must be authenticated within the switch locally. RADIUS and TACACS+ authentication is not accessible. A user role at the privilege level must login to the switch through the console port only.

WORD<1-15> {public |private}
Specifies the public key or the private key type to copy from /intflash/shared to /intflash/.ssh.
WORD<1-15> {dsa | rsa}
Specifies the DSA or RSA signature algorithm for the public key or the private key to copy.

Default

None

Command Mode

Global Configuration

Usage Guidelines

This command is not supported on VSP 8600 Series.