Ip ssh pubkey-auth, Crypto key pubkey-chain ssh, Ip ssh pubkey-auth crypto key pubkey-chain ssh – Allied Telesis AT-S95 CLI User Manual

Page 238

Not approved by Document Control. For review only.

Allied Telesis

Command Line Interface User’s Guide

Command Mode

Global Configuration mode

User Guidelines

RSA keys are generated in pairs: one public RSA key and one private RSA key. If the device already has RSA
keys, a warning and prompt to replace the existing keys with new keys are displayed.

This command is not saved in the device configuration; however, the keys generated by this command are saved
in the private configuration which is never displayed to the user or backed up on another device.

RSA keys are saved to the backup master.

This command may take a considerable period of time to execute.

Example

The following example generates RSA key pairs.

ip ssh pubkey-auth

The ip ssh pubkey-auth Global Configuration mode command enables public key authentication for incoming
SSH sessions. Use the no form of this command to disable this function.

Syntax

ip ssh pubkey-auth

no ip ssh pubkey-auth

Default Configuration

Public Key authentication for incoming SSH sessions is disabled.

Command Mode

Global Configuration mode

User Guidelines

AAA authentication is independent

Example

The following example enables public key authentication for incoming SSH sessions.

crypto key pubkey-chain ssh

The crypto key pubkey-chain ssh Global Configuration mode command enters the SSH Public Key-chain
Configuration mode. The mode is used to manually specify other device public keys such as SSH client public
keys.

Console(config)# crypto key generate rsa

Console(config)# ip ssh pubkey-auth