-
Notifications
You must be signed in to change notification settings - Fork 191
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
example config UPDATE ssh listen config with all auth methods
- Loading branch information
1 parent
f3ccd33
commit d6e748e
Showing
1 changed file
with
55 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| <netconf-server xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-server"> | ||
| <listen> | ||
| <endpoint> | ||
| <name>default-ssh</name> | ||
| <ssh> | ||
| <tcp-server-parameters> | ||
| <local-address>0.0.0.0</local-address> | ||
| <keepalives> | ||
| <idle-time>1</idle-time> | ||
| <max-probes>10</max-probes> | ||
| <probe-interval>5</probe-interval> | ||
| </keepalives> | ||
| </tcp-server-parameters> | ||
| <ssh-server-parameters> | ||
| <server-identity> | ||
| <host-key> | ||
| <name>default-key</name> | ||
| <public-key> | ||
| <keystore-reference>genkey</keystore-reference> | ||
| </public-key> | ||
| </host-key> | ||
| </server-identity> | ||
| <client-authentication> | ||
| <users> | ||
| <user> | ||
| <name>user</name> <!-- User name that can use this authorized key(s) to authenticate itself --> | ||
| <public-keys> | ||
| <use-system-keys xmlns="urn:cesnet:libnetconf2-netconf-server"/> <!-- Uses system authorized keys of the user automatically --> | ||
| <!-- Specific inline definition of an authorized key can be used INSTEAD of system authorized keys (select one method) | ||
| <inline-definition> | ||
| <public-key> | ||
| <name>my-authorized-key</name> | ||
| <public-key-format xmlns:ct="urn:ietf:params:xml:ns:yang:ietf-crypto-types">ct:ssh-public-key-format</public-key-format> | ||
| <public-key>base64==</public-key> - Copy here one line (key) from the authorized_keys of the user | ||
| </public-key> | ||
| </inline-definition> | ||
| --> | ||
| </public-keys> | ||
| <!-- Use password authentication INSTEAD of public keys (select one method) | ||
| <password>pass</password> - Replace "pass" with the password of the user | ||
| --> | ||
|
|
||
| <!-- Use keyboard-interactive authentication INSTEAD of public keys (select one method) | ||
| <keyboard-interactive xmlns="urn:cesnet:libnetconf2-netconf-server"> | ||
| <use-system-auth/> - Will use system mechanisms for authentication the user, usually asking for their password | ||
| </keyboard-interactive> | ||
| --> | ||
| </user> | ||
| </users> | ||
| </client-authentication> | ||
| </ssh-server-parameters> | ||
| </ssh> | ||
| </endpoint> | ||
| </listen> | ||
| </netconf-server> |