Configuring public key authentication - FSx for ONTAP
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Configuring public key authentication

To enable SSH public key authentication, you must first generate an SSH key and associate it with an administrator account by using the security login publickey create command. This allows the account to access the SVM. The security login publickey create command accepts the following parameters.

Parameter Description

-vserver (Optional)

The name of the SVM that the account accesses. If you are configuring SSH public key authentication for file system users, don't include -versver.


The username of the account. The default value, admin, is the default name of the cluster administrator.


The index number of the public key. The default value is 0 if the key is the first key that's created for the account. Otherwise, the default value is one more than the highest existing index number for the account.


The OpenSSH public key. Enclose the key in double quotation marks.


The access control role that's assigned to the account.

-comment (Optional)

Descriptive text for the public key. Enclose the text in double quotation marks.

The following example associates a public key with the SVM administrator account svmadmin for the SVM svm01. The public key is assigned index number 5.

Fsx0123456::> security login publickey create -vserver svm01 -username svmadmin -index 5 -publickey "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAspH64CYbUsDQCdW22JnK6J/vU9upnKzd2zAk9C1f7YaWRUAFNs2Qe5lUmQ3ldi8AD0Vfbr5T6HZPCixNAIzaFciDy7hgnmdj9eNGedGr/"

You must be an SVM or file system administrator to perform this task.