SSH public keys can be used to allow SSH connections without the use of passwords. This feature is useful for administrator convenience and for automated execution of scripts.
Use the following examples to set SSH public keys for user accounts. If you log into the CLI with other than your own account, the keys are saved for that user, such as the root user. See Example 2 for how to change keys for user accounts other than the one currently logged in to.
To set SSH public keys for the current user account, use the following CLI commands.
hostname:> configuration preferences hostname:configuration preferences> show Properties: locale = C login_screen = status/dashboard session_timeout = 15 advanced_analytics = false Children: keys => Manage SSH public keys hostname: configuration preferences> keys hostname:configuration preferences keys> create hostname:configuration preferences key (uncommitted)> set type=DSA hostname:configuration preferences key (uncommitted)> set key="...DSA key text..." key = ...DSA key text...(uncommitted) hostname:configuration preferences key (uncommitted)> set comment="fw-log1" comment = fw-log1 (uncommitted) hostname:configuration preferences key (uncommitted)> commit hostname:configuration preferences keys> show Keys: NAME MODIFIED TYPE COMMENT key-000 07/12/2015 10:54:58 DSA fw-log1Example 12 Setting SSH Public Keys for a Different User Account
To set SSH public keys for a different user account, use the following CLI commands.
hostname:> configuration users hostname:configuration users> select john hostname:configuration users john> preferences show Properties: locale = C login_screen = status/dashboard session_timeout = 15 advanced_analytics = false Children: keys => Manage SSH public keys hostname: configuration users john> preferences keys hostname:configuration users john preferences keys> create hostname:configuration users john preferences key (uncommitted)> set type=DSA hostname:configuration users john preferences key (uncommitted)> set key="...DSA key text..." key = ...DSA key text...(uncommitted) hostname:configuration users john preferences key (uncommitted)> set comment="fw-log2" comment = fw-log2 (uncommitted) hostname:configuration users john preferences key (uncommitted)> commit hostname:configuration users john preferences keys> show Keys: NAME MODIFIED TYPE COMMENT key-001 07/13/2015 10:57:58 DSA fw-log2