Media Flow Controller CLI Commands : cmc : cmc auth

cmc auth
Configure CMC authorization.
cmc auth
host-key {strict | global-only}
trusted-hosts {install | clear-install | verify}
{ssh-dsa2 | ssh-rsa2} identity <identity>
public <key>
private [<key>]
ssh-dsa2 or ssh-rsa2 identity—Configure options for ssh-dsa2 or ssh-rsa2 authorization.
generate—Generate a new identity (a private and public key-pair) or delete (with no) an existing identity.
public <key> or private [<key>]—If a DSA2/RSA2 identity (a private and public key-pair) has been generated by other means, associate the named identity with those keys. If the private key command is used with no key, the user is prompted for the key; entries made at this prompt echo the star (*) character, and the user must enter the same string twice for confirmation.
ssh—Configure Secure Shell (ssh) options:
host-key global-only or strict—Control strictness of checking host keys when establishing a connection with another host using the CMC. Use global-only to control whether the global known hosts file is the only one used (default is disabled). Use strict to allow a connection only if there is already a known host entry that matches what the remote host sends. So you have to either manually install a key, or temporarily disable strict mode to get the key installed automatically. With strict disabled (default), CMC automatically accepts a host key from a host for which there is no prior entry; but the host is still rejected if there already is an entry that does not match what they send.
trusted-hosts—Configure SSH trusted hosts options. Media Flow Controller client systems only.
install—Install server’s trusted-hosts into the SSH global known-hosts list (as if they were added via ssh client global known-host <known-host-entry>). The client system must have installed at manufacture time the public key of the Media Flow Controller server in /etc/pki/tms-gpg/GPG-KEY. If a trusted-host entry matches an existing global known-host entry, and the keys are different, the key from the trusted-host overwrites the global known-host key. Otherwise, all trusted-hosts are added.
clear-install—Remove all existing SSH global known hosts before installing the retrieved trusted host entries.
verify—Like the above install command, but merely verify the signature of the trusted hosts, do not install/merge them.
show cmc auth identities [{ssh-rsa2 | ssh-dsa2} [<identity name>]]
Display CMC identities. Can display all identities, all of a certain type, or just a specified one, depending on which parameters are used.
show cmc auth ssh
Display CMC SSH global settings.

Report an Error
Media Flow Controller Administrator's Guide and CLI Command Reference
Copyright © 2010 Juniper Networks, Inc.