使用 SSH 公钥,可在不使用密码的情况下建立 SSH 连接。此功能非常有用,不仅能为管理员提供便利,还可以自动执行脚本。
使用以下示例设置用户帐户的 SSH 公钥。如果使用您自己帐户以外的其他帐户登录 CLI,则系统将保存该用户(如 root 用户)的密钥。有关如何更改除当前登录帐户以外的其他用户帐户的密钥,请参见示例 2。
要为当前用户帐户设置 SSH 公钥,请使用以下 CLI 命令。
hostname:> configuration preferences hostname:configuration preferences> show Properties: locale = C login_screen = status/dashboard session_timeout = 15 advanced_analytics = false Children: keys => Manage SSH public keys hostname: configuration preferences> keys hostname:configuration preferences keys> create hostname:configuration preferences key (uncommitted)> set type=DSA hostname:configuration preferences key (uncommitted)> set key="...DSA key text..." key = ...DSA key text...(uncommitted) hostname:configuration preferences key (uncommitted)> set comment="fw-log1" comment = fw-log1 (uncommitted) hostname:configuration preferences key (uncommitted)> commit hostname:configuration preferences keys> show Keys: NAME MODIFIED TYPE COMMENT key-000 07/12/2015 10:54:58 DSA fw-log1示例 12 为不同的用户帐户设置 SSH 公钥
要为不同的用户帐户设置 SSH 公钥,请使用以下 CLI 命令。
hostname:> configuration users hostname:configuration users> select john hostname:configuration users john> preferences show Properties: locale = C login_screen = status/dashboard session_timeout = 15 advanced_analytics = false Children: keys => Manage SSH public keys hostname: configuration users john> preferences keys hostname:configuration users john preferences keys> create hostname:configuration users john preferences key (uncommitted)> set type=DSA hostname:configuration users john preferences key (uncommitted)> set key="...DSA key text..." key = ...DSA key text...(uncommitted) hostname:configuration users john preferences key (uncommitted)> set comment="fw-log2" comment = fw-log2 (uncommitted) hostname:configuration users john preferences key (uncommitted)> commit hostname:configuration users john preferences keys> show Keys: NAME MODIFIED TYPE COMMENT key-001 07/13/2015 10:57:58 DSA fw-log2