Enabling sshv2 client, Configuring ssh2 client public key authentication, Generating and deleting a client dsa key pair – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual
Multi-Service IronWare Security Configuration Guide
53-1003035-02
SSH server version 2 support
• Public Key authentication
• Message Authentication Code (MAC) algorithm: hmac-sha1
• Key exchange algorithm: diffie-hellman-group1-sha1
• Compression algorithms are not supported.
• The client session can be established through either in-band or out-of-band management ports.
• The client session can be established through IPv4 or IPv6 protocol access.
• The client session can be established to a server listening on a non-default SSH server port.
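The list above names one key exchange algorithm and one MAC algorithm, so a session can be negotiated only with a server that accepts both. The following added example (not part of the Brocade guide) checks the effective configuration printed by OpenSSH's `sshd -T` against those two names. It assumes they are the only ones the client offers; the sample server output and the function names are constructed for illustration.

```python
# Added example (not from the Brocade guide). Sample sshd output is constructed.

# The key exchange and MAC algorithms this page lists for the client
# (assumed here to be the only ones it offers).
CLIENT_OFFERS = {
    "kexalgorithms": "diffie-hellman-group1-sha1",
    "macs": "hmac-sha1",
}

# Constructed `sshd -T` excerpts for two hypothetical servers.
HARDENED_SERVER = """\
port 22
kexalgorithms curve25519-sha256,diffie-hellman-group14-sha256
macs hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com
"""
LEGACY_SERVER = """\
port 2222
kexalgorithms diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
macs hmac-sha2-256,hmac-sha1
"""

def parse_sshd_t(text):
    """Parse `sshd -T` output ("keyword value" per line) into {keyword: [values]}."""
    conf = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2:
            conf[parts[0].lower()] = [v.strip() for v in parts[1].split(",") if v.strip()]
    return conf

def negotiation_gaps(sshd_t_output):
    """Return {keyword: algorithm} for each client algorithm the server does not offer.

    Names are compared exactly, so hmac-sha1-etm@openssh.com does not satisfy hmac-sha1.
    """
    conf = parse_sshd_t(sshd_t_output)
    return {kw: alg for kw, alg in CLIENT_OFFERS.items() if alg not in conf.get(kw, [])}

if __name__ == "__main__":
    for name, sample in (("hardened", HARDENED_SERVER), ("legacy", LEGACY_SERVER)):
        gaps = negotiation_gaps(sample)
        print(name, "-> negotiable" if not gaps else f"-> server lacks {gaps}")
```

A non-empty result means the server would have to enable the listed legacy algorithm before this client could connect to it.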
Enabling SSHv2 client
When the SSH2 server is enabled, you can use the SSH client to connect to an SSH server using password authentication.
Configuring SSH2 client public key authentication
To use the SSH client with public key authentication, you must generate SSH client authentication keys and export the public key to the SSH servers to which you want to connect.
The following sections describe how to configure SSH client public key authentication:
• “Generating and deleting a client DSA key pair”
• “Generating and deleting a client RSA key pair”
• “Exporting client public keys”
• “Importing client public keys”
Generating and deleting a client DSA key pair
Client keys are independent of host keys. Both DSA and RSA client keys can co-exist in the system.
When both exist, the RSA client key is used for outbound sessions. To generate a client DSA key
pair, enter the following command.
Brocade(config)#crypto key client generate dsa
To delete the DSA host key pair, enter the following command.
Brocade(config)#crypto key client zeroize dsa
Syntax: crypto key client generate | zeroize dsa
The generate keyword places a host key pair in the flash memory.
The zeroize keyword deletes the host key pair from the flash memory.
The dsa keyword specifies a DSA host key pair.
Generating and deleting a client RSA key pair
Client keys are independent of host keys. Both DSA and RSA client keys can co-exist in the system.
When both exist, the RSA client key is used for outbound sessions. To generate a client RSA key
pair, enter a command such as the following:
Brocade(config)#crypto key client generate rsa modulus 2048