Difference between revisions of "Cisco IOS: configure public RSA key authentication"
Jump to navigation
Jump to search
Tags: Mobile web edit, Mobile edit |
Tags: Mobile web edit, Mobile edit |
||
| Line 39: | Line 39: | ||
Posible errors: | Posible errors: | ||
<code>%SSH: Failed to decode the Key Value</code>. Make sure you split your key on multiple lines with <code>[[fold]]</code> command | <code>%SSH: Failed to decode the Key Value</code>. Make sure you split your key on multiple lines with <code>[[fold]]</code> command | ||
| + | |||
| + | |||
| + | == Remove user from ssh authentication == | ||
| + | |||
== Related Activities == | == Related Activities == | ||
Revision as of 10:52, 14 April 2021
Contents
Configure public RSA key authentication
Main Cisco IOS command: ip ssh pubkey-chain[1]
Configuration Example in Linux:
1. Generate your key if you do not have already one: ssh-keygen
2. Split your key in 72 characters lines: fold -b -w 72 ~/.ssh/id_rsa.pub and copy output removing ssh-rsa and last part: username@hostname
3. Configure switch/router
Router_name_1#configure terminal Router_name_1(config)#ip ssh pubkey-chain Router_name_1(conf-ssh-pubkey)#username YOUR_USERNAME Router_name_1(conf-ssh-pubkey-user)#key-string Router_name_1(conf-ssh-pubkey-data)#AAAAB6NzaC1yc2EAAAABJQAAAQEAijoMF9oBwyQxwYbVlFprz+fG8oe5uAcCxwMw Router_name_1(conf-ssh-pubkey-data)#eIR1lyAnDJIsYbTbcdm+n5KiQnCt2561MpN4yOFpajFNM/dqH7/jYaqaicHCSV2F Router_name_1(conf-ssh-pubkey-data)#RGauEp7FzN/uXxsX7mii6qOuxovl9OflLpXcvH5QH6551ycmL8nIv8UCY8uayiGI Router_name_1(conf-ssh-pubkey-data)#INsC0LyKEctWDW6qWp43T7rhcP0y4JoMraTCZLIPNE0Bo0bHgnGLg6fEvJmyB3sX Router_name_1(conf-ssh-pubkey-data)#H+7BaxHdYKg2OcIgVqYzclWhDwxj32kqd1BCq089iBMrb4QppDU2eM/t22iK29mn Router_name_1(conf-ssh-pubkey-data)#eqOGTiCkxB80ix+KULT9okmqkj3TbhCpunTfuPCCRNrjqndBsw== Router_name_1(conf-ssh-pubkey-data)#exit Router_name_1(conf-ssh-pubkey-user)#exit Router_name_1(conf-ssh-pubkey)#exit Router_name_1(config)#
View config:
.../... ip ssh pubkey-chain username USERNAME1 key-hash ssh-rsa 767FA62B914XX0094A293CE7E50C7E35 username USERNAME2 key-hash ssh-rsa C718DBA2DC9XX08C3BF35331E2E8EAt6 .../...
Posible errors:
%SSH: Failed to decode the Key Value. Make sure you split your key on multiple lines with fold command
Remove user from ssh authentication
Related Activities
- Associate a user with default higher privileges using
usernamecommand
See also
- Digital Media Concepts/RSA (cryptosystem)
ssh-keygenshow ssh,show ip ssh, Cisco IOS/Configure public RSA key authentication,transport input ssh,ip ssh pubkey-chain,crypto key generate rsa,show crypto key mypubkey rsa,crypto key zeroize rsa
Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy.
Source: https://en.wikiversity.org/wiki/Cisco_IOS/Configure_public_RSA_key_authentication
Advertising:
