Configuring a client's host public key

This configuration task is only necessary for the clients that directly send the public key to the server in publickey authentication.

During publickey authentication, the server compares the SSH username and client's host public key received from the client with those saved locally. If they are consistent, the server examines the digital signature that the client sends. The digital signature is calculated by the client according to the private key that is associated with the host public key.

For successful authentication, you must perform the following tasks:

You can configure the host public key of an SSH client by using one of the following methods:

You can configure up to 20 SSH client public keys on an SSH server.

For more information about client public key configuration, see "Managing public keys."

Manually entering the content of the host public key

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter public key view.

public-key peer keyname

N/A

3. Enter public key code view.

public-key-code begin

N/A

4. Configure a client's host public key.

Enter the content of the host public key

Spaces and carriage returns are allowed between characters.

5. Return to public key view and save the configured host public key.

public-key-code end

When you exit public key code view, the system automatically saves the public key.

6. Return to system view.

peer-public-key end

N/A

Importing the client's host public key from the public key file

Step

Command

1. Enter system view.

system-view

2. Import the public key from a public key file.

public-key peer keyname import sshkey filename