Difference between revisions of "Cisco IOS: Configure public RSA key authentication"
Jump to navigation
Jump to search
| Line 9: | Line 9: | ||
3. Configure switch/router | 3. Configure switch/router | ||
| − | + | ||
| − | Router_name_1#configure terminal | + | Router_name_1#configure terminal |
| − | Router_name_1(config)#ip ssh pubkey-chain | + | Router_name_1(config)#ip ssh pubkey-chain |
| − | Router_name_1(conf-ssh-pubkey)#username YOUR_USERNAME | + | Router_name_1(conf-ssh-pubkey)#[[username]] YOUR_USERNAME |
| − | Router_name_1(conf-ssh-pubkey-user)#key-string | + | Router_name_1(conf-ssh-pubkey-user)#key-string |
| − | Router_name_1(conf-ssh-pubkey-data)#AAAAB6NzaC1yc2EAAAABJQAAAQEAijoMF9oBwyQxwYbVlFprz+fG8oe5uAcCxwMw | + | Router_name_1(conf-ssh-pubkey-data)#AAAAB6NzaC1yc2EAAAABJQAAAQEAijoMF9oBwyQxwYbVlFprz+fG8oe5uAcCxwMw |
| − | Router_name_1(conf-ssh-pubkey-data)#eIR1lyAnDJIsYbTbcdm+n5KiQnCt2561MpN4yOFpajFNM/dqH7/jYaqaicHCSV2F | + | Router_name_1(conf-ssh-pubkey-data)#eIR1lyAnDJIsYbTbcdm+n5KiQnCt2561MpN4yOFpajFNM/dqH7/jYaqaicHCSV2F |
| − | Router_name_1(conf-ssh-pubkey-data)#RGauEp7FzN/uXxsX7mii6qOuxovl9OflLpXcvH5QH6551ycmL8nIv8UCY8uayiGI | + | Router_name_1(conf-ssh-pubkey-data)#RGauEp7FzN/uXxsX7mii6qOuxovl9OflLpXcvH5QH6551ycmL8nIv8UCY8uayiGI |
| − | Router_name_1(conf-ssh-pubkey-data)#INsC0LyKEctWDW6qWp43T7rhcP0y4JoMraTCZLIPNE0Bo0bHgnGLg6fEvJmyB3sX | + | Router_name_1(conf-ssh-pubkey-data)#INsC0LyKEctWDW6qWp43T7rhcP0y4JoMraTCZLIPNE0Bo0bHgnGLg6fEvJmyB3sX |
| − | Router_name_1(conf-ssh-pubkey-data)#H+7BaxHdYKg2OcIgVqYzclWhDwxj32kqd1BCq089iBMrb4QppDU2eM/t22iK29mn | + | Router_name_1(conf-ssh-pubkey-data)#H+7BaxHdYKg2OcIgVqYzclWhDwxj32kqd1BCq089iBMrb4QppDU2eM/t22iK29mn |
| − | Router_name_1(conf-ssh-pubkey-data)#eqOGTiCkxB80ix+KULT9okmqkj3TbhCpunTfuPCCRNrjqndBsw== | + | Router_name_1(conf-ssh-pubkey-data)#eqOGTiCkxB80ix+KULT9okmqkj3TbhCpunTfuPCCRNrjqndBsw== |
| − | Router_name_1(conf-ssh-pubkey-data)#exit | + | Router_name_1(conf-ssh-pubkey-data)#exit |
| − | Router_name_1(conf-ssh-pubkey-user)#exit | + | Router_name_1(conf-ssh-pubkey-user)#exit |
| − | Router_name_1(conf-ssh-pubkey)#exit | + | Router_name_1(conf-ssh-pubkey)#exit |
| − | Router_name_1(config)# | + | Router_name_1(config)# |
| − | |||
View config: | View config: | ||
Revision as of 09:52, 25 October 2020
Main Command: ip ssh pubkey-chain[1]
Configuration Example in Linux:
1. Generate your key if you do not have already one: ssh-keygen
2. Split your key in 72 characters lines: fold -b -w 72 ~/.ssh/id_rsa.pub and copy output removing ssh-rsa and last part: username@hostname
3. Configure switch/router
Router_name_1#configure terminal Router_name_1(config)#ip ssh pubkey-chain Router_name_1(conf-ssh-pubkey)#username YOUR_USERNAME Router_name_1(conf-ssh-pubkey-user)#key-string Router_name_1(conf-ssh-pubkey-data)#AAAAB6NzaC1yc2EAAAABJQAAAQEAijoMF9oBwyQxwYbVlFprz+fG8oe5uAcCxwMw Router_name_1(conf-ssh-pubkey-data)#eIR1lyAnDJIsYbTbcdm+n5KiQnCt2561MpN4yOFpajFNM/dqH7/jYaqaicHCSV2F Router_name_1(conf-ssh-pubkey-data)#RGauEp7FzN/uXxsX7mii6qOuxovl9OflLpXcvH5QH6551ycmL8nIv8UCY8uayiGI Router_name_1(conf-ssh-pubkey-data)#INsC0LyKEctWDW6qWp43T7rhcP0y4JoMraTCZLIPNE0Bo0bHgnGLg6fEvJmyB3sX Router_name_1(conf-ssh-pubkey-data)#H+7BaxHdYKg2OcIgVqYzclWhDwxj32kqd1BCq089iBMrb4QppDU2eM/t22iK29mn Router_name_1(conf-ssh-pubkey-data)#eqOGTiCkxB80ix+KULT9okmqkj3TbhCpunTfuPCCRNrjqndBsw== Router_name_1(conf-ssh-pubkey-data)#exit Router_name_1(conf-ssh-pubkey-user)#exit Router_name_1(conf-ssh-pubkey)#exit Router_name_1(config)#
View config:
Posible errors:
%SSH: Failed to decode the Key Value. Make sure you split your key on multiple lines with fold command
Related Activities
- Associate a user with default higher privileges using
usernamecommand
See also
- Configure OpenSSH to allow Public-key authentication
ssh-keygen- Cisco IOS: Cisco IOS XE, Config (mode), VLANs, Cisco IOS logging, VTP, ACLs,
show logging,show logging history,show interface status,debug,archive,show archive,conf t,int,ip http server,ip ssh,ip address, vty,show mac address-table,show access-list, Access-list,ip access-group,admin
Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy.
Source: https://en.wikiversity.org/wiki/Cisco_IOS/Configure_public_RSA_key_authentication
Advertising:
