使用 SSH 公钥,可在不使用密码的情况下建立 SSH 连接。此功能非常有用,不仅能为管理员提供便利,还可以自动执行脚本。
使用以下示例设置用户帐户的 SSH 公钥。如果使用您自己帐户以外的其他帐户登录 CLI,则系统将保存该用户(如 root 用户)的密钥。有关如何更改除当前登录帐户以外的其他用户帐户的密钥,请参见示例 2。
要为当前用户帐户设置 SSH 公钥,请使用以下 CLI 命令。
hostname:> configuration preferences
hostname:configuration preferences> show
Properties:
locale = C
login_screen = status/dashboard
session_timeout = 15
advanced_analytics = false
Children:
keys => Manage SSH public keys
hostname: configuration preferences> keys
hostname:configuration preferences keys> create
hostname:configuration preferences key (uncommitted)> set type=DSA
hostname:configuration preferences key (uncommitted)> set key="...DSA key text..."
key = ...DSA key text...(uncommitted)
hostname:configuration preferences key (uncommitted)> set comment="fw-log1"
comment = fw-log1 (uncommitted)
hostname:configuration preferences key (uncommitted)> commit
hostname:configuration preferences keys> show
Keys:
NAME MODIFIED TYPE COMMENT
key-000 07/12/2015 10:54:58 DSA fw-log1
示例 12 为不同的用户帐户设置 SSH 公钥
要为不同的用户帐户设置 SSH 公钥,请使用以下 CLI 命令。
hostname:> configuration users
hostname:configuration users> select john
hostname:configuration users john> preferences show
Properties:
locale = C
login_screen = status/dashboard
session_timeout = 15
advanced_analytics = false
Children:
keys => Manage SSH public keys
hostname: configuration users john> preferences keys
hostname:configuration users john preferences keys> create
hostname:configuration users john preferences key (uncommitted)> set type=DSA
hostname:configuration users john preferences key (uncommitted)> set key="...DSA key text..."
key = ...DSA key text...(uncommitted)
hostname:configuration users john preferences key (uncommitted)> set comment="fw-log2"
comment = fw-log2 (uncommitted)
hostname:configuration users john preferences key (uncommitted)> commit
hostname:configuration users john preferences keys> show
Keys:
NAME MODIFIED TYPE COMMENT
key-001 07/13/2015 10:57:58 DSA fw-log2