PKI operation
PKI configuration task list
Configuring an entity DN
Configuring a PKI domain
Submitting a PKI certificate request
Submitting a certificate request in auto mode
Submitting a certificate request in manual mode
Retrieving a certificate manually
Configuring PKI certificate verification
Configuring CRL-checking-enabled PKI certificate verification
Configuring CRL-checking-disabled PKI certificate verification
Destroying a local RSA key pair
Deleting a certificate
Configuring an access control policy
Displaying and maintaining PKI
PKI configuration examples
Requesting a certificate from a CA server running RSA Keon
Requesting a certificate from a CA server running Windows® 2003 Server™
Configuring a certificate attribute-based access control policy
Troubleshooting PKI
Failed to retrieve a CA certificate
Failed to request a local certificate
Failed to retrieve CRLs
Configuring SSH2.0
SSH operation
Configuring the switch as an SSH server
SSH server configuration task list
Generating a DSA or RSA key pair
Enabling the SSH server function
Configuring the user interfaces for SSH clients
Configuring a client public key
Configuring an SSH user
Setting the SSH management parameters
Configuring the switch as an SSH client
SSH client configuration task list
Specifying a source IP address/interface for the SSH client
Configuring whether first-time authentication is supported
Establishing a connection between the SSH client and server
Displaying and maintaining SSH
SSH server configuration examples
When the switch acts as a server for password authentication
When the switch acts as a server for publickey authentication
SSH client configuration examples
When the switch acts as client for password authentication
When the switch acts as client for publickey authentication
Configuring SFTP
Configuring the switch as an SFTP server
Configuration prerequisites
Enabling the SFTP server
Configuring the SFTP connection idle timeout period
Configuring the switch as an SFTP client
Specifying a source IP address or interface for the SFTP client
Establishing a connection to the SFTP server
Working with SFTP directories
Working with SFTP files