beautypg.com

Generating and deleting an rsa key pair, Deleting dsa and rsa key pairs, Providing the public key to clients – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 85

background image

Generating and deleting an RSA key pair

To generate an RSA key pair, enter a command such as the following:

device(config)#crypto key generate rsa modulus 2048

To delete the RSA host key pair, enter the following command.

device(config)#crypto key zeroize rsa

Syntax: crypto key { generate | zeroize } rsa [ modulus modulus-size ]

The generate keyword places an RSA host key pair in the flash memory and enables SSH on the
device, if it is not already enabled.

The optional [modulus modulus-size ] parameter specifies the modulus size of the RSA key pair, in
bits. The valid values for modulus-size are 1024 or 2048. The default value is 1024.

The zeroize keyword deletes the RSA host key pair from the flash memory. This disables SSH if no
other authentication keys exist on the device.

The rsa keyword specifies an RSA host key pair.

NOTE
OnICX 6430 and ICX 6450 devices, the crypto key generate command can take up to 16 minutes to
complete.

Deleting DSA and RSA key pairs

To delete DSA and RSA key pairs from the flash memory, enter the following command:

device(config)#crypto key zeroize

Syntax: crypto key zeroize

The zeroize keyword deletes the host key pair from the flash memory. This disables SSH.

Providing the public key to clients

The host DSA or RSA key pair is stored in the system-config file of the Brocade device. Only the public
key is readable. Some SSH client programs add the public key to the known hosts file automatically. In
other cases, you must manually create a known hosts file and place the public key of the Brocade
device in it.

If you are using SSH to connect to a Brocade device from a UNIX system, you may need to add the
public key on the Brocade device to a “known hosts” file on the client UNIX system; for example,
$HOME/.ssh/known_hosts. The following is an example of an entry in a known hosts file.

AAAAB3NzaC1kc3MAAACBAPY8ZOHY2yFSJA6XYC9HRwNHxaehvx5wOJ0rzZdzoSOXxbET

W6ToHv8D1UJ/

z+zHo9Fiko5XybZnDIaBDHtblQ+Yp7StxyltHnXF1YLfKD1G4T6JYrdH YI14Om

1eg9e4NnCRleaqoZPF3UGfZia6bXrGTQf3gJq2e7Yisk/gF+1VAAAAFQDb8D5cv

wHWTZDPfX0D2s9Rd7NBvQAAAIEAlN92+Bb7D4KLYk3IwRbXblwXdkPggA4pfdtW9v

GfJ0/RHd+NjB4eo1D+0dix6tXwYGN7PKS5R/FXPNwxHPapcj9uL1Jn2AWQ2dsknf+i/FAA

vioUPkmdMc0zuWoSOEsSNhVDtX3WdvVcGcBq9cetzrtOKWOocJmJ80qadxTRHtUAAACB

AN7CY+KKv1gHpRzFwdQm7HK9bb1LAo2KwaoXnadFgeptNBQeSXG1vO+JsvphVMBJc9HS

n24VYtYtsMu74qXviYjziVucWKjjKEb11juqnF0GDlB3VVmxHLmxnAz643WK42Z7dLM5

sY29ouezv4Xz2PuMch5VGPP+CDqzCM4loWgV

Generating and deleting an RSA key pair

FastIron Ethernet Switch Security Configuration Guide

85

53-1003088-03

See also other documents in the category Brocade Computer Accessories: