12-10-2006 01:38 PM - edited 03-10-2019 03:22 AM
Hi, I am new to Cisco IPS. I wanted to SSH into the IPS from a Cisco router. I generated SSH keys on the router with the crypto key generate rsa command.
On the IPS I tried to add the authorised keys for SSH.
When I copied the keys from the router and pasted them in the public modulus field, it gives me an error saying it does not match the pattern ^[0-9]+$.
Can someone please help? Where am I going wrong?
regards
sebastan
12-10-2006 06:31 PM
If your router is accessible by IPS (and vice-versa), can you add the router's IP as trusted host to IPS, and skip the key portion? This is because if the router is accessible at the moment the command is issued, no key is required to be entered. Try to ssh again to the IPS.
The "ssh host-key ip-address [key-modulus-length public-exponent public-modulus]" command is needed if the router is unreachable. This is to confirm the fingerprint of the key displayed for security purposes.
Hope this helps.
AK
12-11-2006 06:42 AM
Hi AK, I guess you didn't get my question properly. I am not asking about adding known host keys of routers for the IDS to communicate to the routers.
I want to SSH from a router to the IPS, for which I want to add the authorised SSH keys of the router to access the IPS.
Can you please tell me about that? As I told you, the problem I am facing is while pasting the public key of the router onto the IPS.
Waiting for your reply.
regards
sebastan
12-11-2006 03:50 PM
Not sure if I understand it wrongly. But as far as I know, the SSH key you generated on the router is good when you need to SSH into that router, and that SSH key will not be recognized by the IPS. When you SSH to the router, you should notice that it will ask you whether to keep the router's SSH key permanently or temporarily.
But if you need to add allow host and add ssh to the IPS, you need to use different steps as explained in the above Cisco IPS doc link:
sensor# configure terminal
sensor(config)# ssh host-key 10.1.1.1
sensor(config)#exit
sensor# show ssh host-keys 10.1.1.1 --> view the ssh key authorised for the router
1024 35
139306213541835240385332922253968814685684523520064131997839905113640120217816869696708721
704631322844292073851730565044879082670677554157937058485203995572114631296604552161309712
601068614812749969593513740598331393154884988302302182922353335152653860589163651944997842
874583627883277460138506084043415861927
MD5: 49:3F:FD:62:26:58:94:A3:E9:88:EF:92:5F:52:6E:7B
Bubble Babble: xebiz-vykyk-fekuh-rukuh-cabaz-paret-gosym-serum-korus-fypop-huxyx
sensor#
HTH
AK
12-11-2006 06:10 PM
Hi,
I guess that you need to copy the public key (not the private key) from the router and paste it in the authorised key file for SSH.
RSA generation will create a public key and a private key. The public key remains in the router and only the public key should be copied.
Hope that helps
12-13-2006 01:00 AM
AK, you are completely wrong and not understanding my question at all.
I said the IPS could easily add the SSH keys of the router as known keys. That means the IPS can access the router via SSH for blocking actions on the router.
What I want is to add the router's SSH keys as the authorised keys, so that I can SSH from the router to the IPS.
I hope at least now you get the question properly.
When I try to paste the keys from the router to the IPS it gives an error as I mentioned above. Is there a separate format for it?
Can someone please help me on this?
regards
sebastan
12-13-2006 02:27 AM
We had a similar problem with the public key, and eventually gave up. The IPS-ssh device registration obviously was a good option, and it works well.
12-13-2006 03:11 AM
I think the IPS uses a different key format than the router:
border_ro1#sh crypto key mypubkey rsa
% Key pair was generated at: 00:07:28 UTC Dec 12 2006
Key name: border_ro1.xxxxx.com
Usage: General Purpose Key
Key Data:
305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00C166E8 D6456A39
744CE5A7 C95D2F1C EFE9F11F 8A2E6F08 2CFA4968 EE8AB1CE 2B8F4159 6B1C6E51
6993DD24 AAB79B18 ED098F0E 00F3BDE9 68819020 1CE94869 D5020301 0001
border_ro1#
12-13-2006 05:18 AM
Hi, you are very right. On the IPS, when I retrieved the SSH key of the router with the retrieve key command, the SSH key shown on the IPS was completely different from the key the router shows me. I guess the IPS changes the format in which the SSH keys are stored.
regards
sebastan
12-13-2006 06:02 AM
Hi Sebastan,
I'm one of the students from a University in Malaysia. Currently I'm doing a thesis related to Intrusion Prevention Systems at Host level. I need your help to revert back threats which are unable to be resolved by the current IPS system. I have to investigate the threats and find the solution. I would appreciate it if you could share your ideas with me. Please do not hesitate to send your email to m.thangavelu@shell.com.
Thanks in advance,
Murugan
12-13-2006 10:23 AM
Hi Murugan, can you tell me in detail what you want to do and what kind of help you need from me? I would like to help you.
See ya
regards
sebastan