5 configuring rsa key – CANOGA PERKINS 9175 Configuration Guide User Manual

CanogaOS Configuration Guide

41-2

DUT#configure terminal

Enter the Configure mode.

• Specify the number of times that a client can
re-authenticate to the server. The default is 6; the
range is 1 to 6.

DUT(config)#ip ssh server authentication-type all

Configure the SSH control parameters:

• Specify the authentication type. The default is
password and public-key.

DUT(config)#ip ssh server rekey-interval 100

Configure the SSH control parameters:

• Specify the server key lifetime. The default is 60
minutes.

DUT(config)#exit

Exit the Configure mode.

Validation Commands
To display the SSH server configuration, use the show ip ssh server status privileged
EXEC command.

DUT#show ip ssh server status
SSH server enabled
Version: 1.99
Authentication timeout: 100 second(s)
Authentication retries: 3 time(s)
Server key lifetime: 100 minute(s)
Authentication type: all

41.5 Configuring RSA Key

Beginning in privileged EXEC mode, follow these steps to configure RSA key:

DUT#configure terminal

Enter the Configure mode.

DUT(config)#rsa key key_test import url
flash:/key_test.pub public ssh2

Import RSA key.

In this case, the RSA key type is public and SSH2.

DUT(config)#username user_a assign rsa key
key_test

Assign user with RSA key.

DUT(config)#exit

Exit the Confiure mode.

To delete RSA key, use the no rsa key global configuration command.

Validation Commands
To display RSA key configuration, use the show rsa keys privileged EXEC command.

DUT#show rsa keys
Current RSA key configuration:
Name Type Usage Modulus
===================================================
key_test public 0 1024

To display user configuration, use the show usernames privileged EXEC command.

DUT#show usernames
Number User name Privilege Password Rsa Key
===================================================
1 user_a 1 key_test