[j-nsp] limiting SSH public key authentication
Phil Shafer
phil at juniper.net
Mon Dec 20 13:18:49 EST 2004
Daniel Verlouw writes:
>noc at nlambrt1# set ssh-dsa "from=\"192.168.0.1\" ssh-dss <public key in
>here> user at machine"
>Key format must be 'ssh-dss <base64-encoded-DSA-key> <comment>'
>error: statement creation failed: ssh-dsa
>
>Is this simply a CLI parsing limitation or does the JUNOS sshd not
>support this option at all?
This error is reported when the ssh key fails our base64 encoding test.
There's a "from" statement that can be configured under any ssh key
to limit access. It was added 2002-08-28, so it should be in any
sw image you are running.
[edit system login user phil authentication]
root at dent# show
ssh-rsa "1024 35 secret phil at juniper.net" from 10.1.2.3; ## SECRET-DATA
Thanks,
Phil
More information about the juniper-nsp
mailing list