Reset Search
 

 

Article

Is it possible to login using certificate for SSH access?

« Go Back

Information

 
TitleIs it possible to login using certificate for SSH access?
Question
Is it possible to login using certificate for SSH access?
Environment
  • EXOS version 22.x or above
Answer
Starting from EXOS 22.x, PKI for SSH is available so you can use certificate to authenticate SSH sessions. You may refer to the user guide in EXOS 22.x for the detailed procedures. In user guide, go to “Security” -> “Secure Shell 2” -> “Public-Key Infrastructure (PKI) in Secure Shell (SSH) Overview”
 
Here is the summary of the steps
 
1.    Generate a CA certificate with OpenSSL
2.    Generate a user certificate and signed by a CA certificate with OpenSSL
3.    Setup a user account in EXOS equal to the common name of user certificate (Important)
4.    Download the CA certificate to EXOS switch using TFTP
5.    Enable OCSP (Optional)
6.    Concatenate user certificate and key file to a single file
7.    Transfer the file to SSH client for authentication
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255