Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SSH: ip ssh pubkey-chain not found

I have a 3560 switch running: version 12.2(55)SE3 image: c3560e-universalk9-mz.122-55.SE3.

I can ssh into the switch from a remote pc just fine using usernames and passwords.

I want to use keys so that the ssh does not prompt me for login info.

under my switch when I a in config t mode, I do not see the commands for: ip ssh pubkey-chain

I only have the following options under ip ssh

  • authentication-retires
  • dscp
  • logging
  • precedence
  • source-interface
  • time-out
  • version

All the documation i see has procedures for entering ip ssh pubkey-chain ...... but I don't get that option.

I thought the K9 image supported this? What have I not turned on for the options to appear?

As I said, I can ssh into the box fine, but when I follow a procedure for enabling ssh keys I don't get the commands they say should be available.

Thanks

  • LAN Switching and Routing
2 REPLIES
New Member

SSH: ip ssh pubkey-chain not found

Some documentation says to perform the following to setup ssh for rsa keys:

Configuring the Cisco IOS SSH Client to Perform RSA-Based Server Authentication

Perform this task to configure the Cisco IOS SSH client to perform RSA-based server authentication.

SUMMARY STEPS

1. enable

2. configure terminal

3. hostname name

4. ip domain-name name

5. crypto key generate rsa

6. ip ssh pubkey-chain

7. server server-name

8. key-string

9. exit

10. key-hash key-type key-name

11. end

12. configure terminal

13. ip ssh stricthostkeycheck

Step 6 is where i cannot complete the command because it does not exists. I do have a k9 image so its not that issue.

It turns out the i can get the same mode by entering:

(config)#crypto key pubkey-chain rsa

not sure if this is a documentation error or a difference between iso versions 15 and 12. 

New Member

It's a difference between IOS

It's a difference between IOS versions.  Support for login with SSH RSA keys begins in IOS 15.

2273
Views
0
Helpful
2
Replies