After installing the SSH client software, you, as the MPLS Manager administrator, perform the following configuration tasks:
-
Create one or more CLI device-access groups that have the device-access method set to SSH1 or SSH2. SSH2 is recommended.
Instructions for creating CLI device-access groups are presented in “Creating CLI device-access groups” on page 79.
-
Use the SSH client configuration file to configure the SSH client. Configure the SSH client to:
-
Use password authentication or public-key authentication or either.
-
Automatically add a new server host to the user’s database of known hosts without prompting the user for confirmation.
-
-
-
For public-key authentication only: Generate a public/private key pair.
Also, consider configuring the SSH client to try SSH version 2, and fall back to version 1 if version 2 is not available.
Password authentication requires a username and password. Public-key authentication requires a username only. Public-key authentication is achieved by using the Rivest, Shamir, and Adelman (RSA) or Digital Signature Algorithm (DSA) public-key algorithm. DSA only works with SSH2.
