Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX, SSH and RSA public key authentication

I'd like to know if, in future versions of the pix firewall software , it will be possible to store RSA public keys on the pix flash memory, to authenticate clients connecting to it via ssh using RSA public key authentication instead of a password.

Thanks for your attention.


Re: PIX, SSH and RSA public key authentication


Yes you can save the generated RSA key onto the PIX Flash memory. Use command, in config mode after you have generated your key with command: ca generate rsa key , remember that the bigger the key size the stronger the ssh connection. I prefer to use key size 2048. You'll need DES or 3DES activated on your PIX.

> ca save all

You can view your generated RSA key by issuing command: sho ca mypubkey rsa

Hope this helps, Jay.

New Member

Re: PIX, SSH and RSA public key authentication


what I'd like to do is to put the public key of my pc on the pix flash memory, so it could authenticate me by checking that I own the corresponding secret key; such a thing is possible on any other ssh server, and it would be very handy feature to have on the pix firewall, too.