10-23-2013 07:02 AM
Hello,
Is there a way to store the client incoming SSH keys in the router, similar to some other vendors?
Thanks
10-23-2013 05:18 PM
Are you looking for SSH RSA based authentication? Yes, it's supported in XR.
What information do you need on SNMP key storage? Can you explain?
10-23-2013 05:34 PM
Hello Narvenka,
Thanks for the reply. I basically have a group of public key hosts which I want to hardcode on my ASR9k box. Typically on a Nix setup it would go under ssh_known_hosts or a similar file. How do I save the fingerprints on an ASR box?
Thanks
10-23-2013 07:05 PM
Yeah, you can do this by:
RP/0/RSP0/CPU0:GOT#crypto key import authentication rsa
Regards
Venkat
10-24-2013 02:38 AM
Hello Venkat,
Thanks for the reply. Can you let me know what the below code does?
-----------------------
RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# ssh client knownhost disk0:/ssh.knownhost
RP/0/RP0/CPU0:router(config)# commit
RP/0/RP0/CPU0:router# ssh host1 username user1234
Host key not found from the list of known hosts.
Are you sure you want to continue connecting (yes/no)? yes
Password:
RP/0/RP0/CPU0:host1# exit
------------------
Thank You
10-24-2013 02:02 PM
Hi Rakhesh,
This is to manually specify the location where the client details are to be stored; otherwise they get stored in a sysdb tuple.
It's not possible to view them in file format. By configuring the file as you mentioned above using ssh known hosts, they start getting stored in the mentioned file. Example below:
RP/0/RSP0/CPU0:GOT#show run | i ssh
Building configuration...
ssh client knownhost harddisk:/known_hosts
ssh server v2
ssh server vrf default
RP/0/RSP0/CPU0:GOT#dir harddisk:/known_hosts
Directory of harddisk:
8171890 -rw- 59 Thu Oct 24 12:51:13 2013 known_hosts
3261054976 bytes total (2736045568 bytes free)
RP/0/RSP0/CPU0:GOT#
RP/0/RSP0/CPU0:GOT#more harddisk:/known_hosts
00000000: 37000000 33000000 13000000 312e3536 7... 3... .... 1.56
00000010: 2e33342e 3235312f 7373682d 64737303 .34. 251/ ssh- dss.
00000020: 00000014 00000048 39f3b573 3bb49640 .... ...H 9s5s ;4.@
00000030: aef4ce4c b1a97490 95593eXX XXXXXXXX .tNL 1)t. .Y>X XXXX
RP/0/RSP0/CPU0:GOT#
RP/0/RSP0/CPU0:GOT#
RP/0/RSP0/CPU0:GOT#
thanks
Venkat
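Added example, not part of the original thread and not Cisco code: a Python parser for one record of the known_hosts file, with the layout inferred solely from the 59-byte dump in the post above (little-endian length fields, a host/key-type string, then 20 trailing bytes). The field names, the meaning of the value 3 and of the trailing bytes are assumptions, and the sample record is constructed.

```python
import struct

def build_record(host_and_type: bytes, flag: int, digest: bytes) -> bytes:
    """Build a constructed test record in the inferred layout."""
    body = struct.pack("<I", len(host_and_type)) + host_and_type
    body += struct.pack("<II", flag, len(digest)) + digest
    inner = struct.pack("<I", len(body)) + body
    return struct.pack("<I", len(inner)) + inner

def parse_record(blob: bytes) -> dict:
    """Parse one record; raise ValueError if any length field disagrees."""
    if len(blob) < 12:
        raise ValueError("too short for the three leading length fields")
    total, inner, name_len = struct.unpack_from("<III", blob, 0)
    # In the dump: total = 0x37 (file size - 4), inner = 0x33 (file size - 8).
    if total != len(blob) - 4 or inner != len(blob) - 8:
        raise ValueError("outer length fields do not match the file size")
    off = 12
    if off + name_len + 8 > len(blob):
        raise ValueError("name length runs past the end of the record")
    name = blob[off:off + name_len].decode("ascii")  # e.g. "<ip>/ssh-dss"
    off += name_len
    host, sep, key_type = name.partition("/")
    if not sep:
        raise ValueError("expected '<host>/<key type>'")
    # Two more little-endian words: an unexplained value (3 in the dump)
    # and the byte count of the trailing data (0x14 = 20 in the dump).
    flag, digest_len = struct.unpack_from("<II", blob, off)
    off += 8
    if off + digest_len != len(blob):
        raise ValueError("trailing data does not end at the end of the record")
    return {"host": host, "key_type": key_type,
            "flag": flag, "digest": blob[off:].hex()}

# Constructed sample (documentation address, dummy trailing bytes).
SAMPLE = build_record(b"192.0.2.10/ssh-rsa", 3, bytes(range(20)))

if __name__ == "__main__":
    print(parse_record(SAMPLE))
```

Comparing the parsed host and trailing bytes against values recorded out of band is one way to notice an unexpected entry in the file.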
10-24-2013 02:50 PM
Thank you Venkat, much appreciated.
07-16-2014 11:06 AM
Hello Narvenka,
I have tried to import the public key with no success. I get this message:
RP/0/RSP1/CPU0:XXX#crypto key import authentication rsa tftp://10.232.201.180/publickey.pub
Wed Jul 16 14:00:15.558 ODO
Cannot execute the command : Invalid argument.
I confirmed that the path is correct by copying the file to disk0:, and also tried the command: crypto key import authentication rsa disk0:publickey.pub with the same result.
Could you explain step by step how to configure it?