Solved: Hello Narvenka, I have try to - Cisco Community

2859

Views

0

Helpful

7

Replies

Hello,

Is there a way to store the client Incoming SSH keys in the router similar to some other vendors ?

Thanks

1 Accepted Solution

Accepted Solutions

Hi Rakhesh,

This is to manually specify the location where the client details to be stored otherwise it get stored in sysdb tuple.

Its not possible to view them in file format. By configuring the file as you mentioned above using ssh known hosts, it gets started storing in the mentioned file. ex below:

RP/0/RSP0/CPU0:GOT#show run | i ssh

Building configuration...

ssh client knownhost harddisk:/known_hosts

ssh server v2

ssh server vrf default

RP/0/RSP0/CPU0:GOT#dir harddisk:/known_hosts

Directory of harddisk:

8171890 -rw- 59 Thu Oct 24 12:51:13 2013 known_hosts

3261054976 bytes total (2736045568 bytes free)

RP/0/RSP0/CPU0:GOT#

RP/0/RSP0/CPU0:GOT#more harddisk:/known_hosts

00000000: 37000000 33000000 13000000 312e3536 7... 3... .... 1.56

00000010: 2e33342e 3235312f 7373682d 64737303 .34. 251/ ssh- dss.

00000020: 00000014 00000048 39f3b573 3bb49640 .... ...H 9s5s ;4.@

00000030: aef4ce4c b1a97490 95593eXX XXXXXXXX .tNL 1)t. .Y>X XXXX

RP/0/RSP0/CPU0:GOT#

RP/0/RSP0/CPU0:GOT#

RP/0/RSP0/CPU0:GOT#

thanks

Venkat

View solution in original post

7 Replies 7

Are you looking for SSH RSA based authentication ? Yes, its supported in XR.

What information do you need on SNMP key storage ? can you explain ?

Hello Narvenka,

Thanks for the reply, I basically have a group of Public Key hosts which i want to hardcode on my Asr9k Box, typically on a Nix Setup it shall go under ssh_known_hosts or similar File, how do i save the fingerprints on an ASR Box ?

Thanks

Yeah you can do this by RP/0/RSP0/CPU0:GOT#crypto key import authentication rsa

Regards

Venkat

Hello Venkat,

Thanks for the reply, Can you let me know what the below code does ?

-----------------------

RP/0/RP0/CPU0:router# configure

RP/0/RP0/CPU0:router(config)# ssh client knownhost disk0:/ssh.knownhost

RP/0/RP0/CPU0:router(config)# commit

RP/0/RP0/CPU0:router# ssh host1 username user1234

Host key not found from the list of known hosts.

Are you sure you want to continue connecting (yes/no)? yes

Password:

RP/0/RP0/CPU0:host1# exit

------------------

Thank You

Hi Rakhesh,

This is to manually specify the location where the client details to be stored otherwise it get stored in sysdb tuple.

Its not possible to view them in file format. By configuring the file as you mentioned above using ssh known hosts, it gets started storing in the mentioned file. ex below:

RP/0/RSP0/CPU0:GOT#show run | i ssh

Building configuration...

ssh client knownhost harddisk:/known_hosts

ssh server v2

ssh server vrf default

RP/0/RSP0/CPU0:GOT#dir harddisk:/known_hosts

Directory of harddisk:

8171890 -rw- 59 Thu Oct 24 12:51:13 2013 known_hosts

3261054976 bytes total (2736045568 bytes free)

RP/0/RSP0/CPU0:GOT#

RP/0/RSP0/CPU0:GOT#more harddisk:/known_hosts

00000000: 37000000 33000000 13000000 312e3536 7... 3... .... 1.56

00000010: 2e33342e 3235312f 7373682d 64737303 .34. 251/ ssh- dss.

00000020: 00000014 00000048 39f3b573 3bb49640 .... ...H 9s5s ;4.@

00000030: aef4ce4c b1a97490 95593eXX XXXXXXXX .tNL 1)t. .Y>X XXXX

RP/0/RSP0/CPU0:GOT#

RP/0/RSP0/CPU0:GOT#

RP/0/RSP0/CPU0:GOT#

thanks

Venkat

Thank You Venkat, Much Appreciated

Hello Narvenka,

I have try to import public key with no success. get this message:

RP/0/RSP1/CPU0:XXX#crypto key import authentication rsa tftp://10.232.201.180/publickey.pub
Wed Jul 16 14:00:15.558 ODO
Cannot execute the command : Invalid argument.

i confirmed that the path is correct copying the file to disk0: and also tried the command: crypto key import authentication rsa disk0:publickey.pub with same result.

Could you explain step by step how to configure it?

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community