Editing Cisco IOS: Configure public RSA key authentication

Jump to navigation Jump to search

Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.

Latest revision Your text
Line 1: Line 1:
  
Main Command: <code>[[ip ssh]] pubkey-chain</code><ref>https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_ssh/configuration/15-s/sec-usr-ssh-15-s-book/sec-secure-shell-v2.html</ref>
+
Main Command: <code>ip ssh pubkey-chain</code><ref>https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_ssh/configuration/15-s/sec-usr-ssh-15-s-book/sec-secure-shell-v2.html</ref>
  
 
Configuration Example in Linux:
 
Configuration Example in Linux:
Line 6: Line 6:
 
1. Generate your key if you do not have already one: <code>ssh-keygen</code>
 
1. Generate your key if you do not have already one: <code>ssh-keygen</code>
  
2. Split your key in 72 characters lines: <code>[[fold]] -b -w 72 ~/.ssh/id_rsa.pub</code> and copy output removing ssh-rsa and last part: username@hostname
+
2. Split your key in 72 characters lines: <code>fold -b -w 72 ~/.ssh/id_rsa.pub</code> and copy output removing ssh-rsa and last part: username@hostname
  
 
3. Configure switch/router
 
3. Configure switch/router
 
+
<pre>
Router_name_1#configure terminal
+
Router_name_1#configure terminal
Router_name_1(config)#ip ssh pubkey-chain  
+
Router_name_1(config)#ip ssh pubkey-chain  
Router_name_1(conf-ssh-pubkey)#[[username]] YOUR_USERNAME
+
Router_name_1(conf-ssh-pubkey)#username YOUR_USERNAME
Router_name_1(conf-ssh-pubkey-user)#key-string
+
Router_name_1(conf-ssh-pubkey-user)#key-string
Router_name_1(conf-ssh-pubkey-data)#AAAAB6NzaC1yc2EAAAABJQAAAQEAijoMF9oBwyQxwYbVlFprz+fG8oe5uAcCxwMw       
+
Router_name_1(conf-ssh-pubkey-data)#AAAAB6NzaC1yc2EAAAABJQAAAQEAijoMF9oBwyQxwYbVlFprz+fG8oe5uAcCxwMw       
Router_name_1(conf-ssh-pubkey-data)#eIR1lyAnDJIsYbTbcdm+n5KiQnCt2561MpN4yOFpajFNM/dqH7/jYaqaicHCSV2F       
+
Router_name_1(conf-ssh-pubkey-data)#eIR1lyAnDJIsYbTbcdm+n5KiQnCt2561MpN4yOFpajFNM/dqH7/jYaqaicHCSV2F       
Router_name_1(conf-ssh-pubkey-data)#RGauEp7FzN/uXxsX7mii6qOuxovl9OflLpXcvH5QH6551ycmL8nIv8UCY8uayiGI         
+
Router_name_1(conf-ssh-pubkey-data)#RGauEp7FzN/uXxsX7mii6qOuxovl9OflLpXcvH5QH6551ycmL8nIv8UCY8uayiGI         
Router_name_1(conf-ssh-pubkey-data)#INsC0LyKEctWDW6qWp43T7rhcP0y4JoMraTCZLIPNE0Bo0bHgnGLg6fEvJmyB3sX       
+
Router_name_1(conf-ssh-pubkey-data)#INsC0LyKEctWDW6qWp43T7rhcP0y4JoMraTCZLIPNE0Bo0bHgnGLg6fEvJmyB3sX       
Router_name_1(conf-ssh-pubkey-data)#H+7BaxHdYKg2OcIgVqYzclWhDwxj32kqd1BCq089iBMrb4QppDU2eM/t22iK29mn       
+
Router_name_1(conf-ssh-pubkey-data)#H+7BaxHdYKg2OcIgVqYzclWhDwxj32kqd1BCq089iBMrb4QppDU2eM/t22iK29mn       
Router_name_1(conf-ssh-pubkey-data)#eqOGTiCkxB80ix+KULT9okmqkj3TbhCpunTfuPCCRNrjqndBsw==
+
Router_name_1(conf-ssh-pubkey-data)#eqOGTiCkxB80ix+KULT9okmqkj3TbhCpunTfuPCCRNrjqndBsw==
Router_name_1(conf-ssh-pubkey-data)#exit
+
Router_name_1(conf-ssh-pubkey-data)#exit
Router_name_1(conf-ssh-pubkey-user)#exit
+
Router_name_1(conf-ssh-pubkey-user)#exit
Router_name_1(conf-ssh-pubkey)#exit
+
Router_name_1(conf-ssh-pubkey)#exit
Router_name_1(config)#
+
Router_name_1(config)#
 +
</pre>
  
 
View config:  
 
View config:  
Line 32: Line 33:
  
 
== Related Activities ==
 
== Related Activities ==
* [[Cisco IOS: Associate a user with default higher privileges]] using <code>username</code> command
+
* [[Cisco IOS/Associate a user with default higher privileges]] using <code>username</code> command
* <code>[[transport input ssh]]</code>
 
* <code>[[ip ssh]]</code>
 
  
 
== See also ==
 
== See also ==
 
* [[Configure OpenSSH to allow Public-key authentication]]
 
* [[Configure OpenSSH to allow Public-key authentication]]
 
* <code>ssh-keygen</code>
 
* <code>ssh-keygen</code>
* {{IOS ssh}}
 
* {{IOS}}
 
  
 
[[Category: Cisco]]
 
[[Category: Cisco]]

Please note that all contributions to wikieduonline may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see Wikieduonline:Copyrights for details). Do not submit copyrighted work without permission!

Cancel Editing help (opens in new window)

Templates used on this page:

Retrieved from "https://www.wikieduonline.com/wiki/Cisco_IOS:_Configure_public_RSA_key_authentication"

Advertising: