Filter
Top Products
Using RSA Authentication of SSH
The following procedure authenticates an SSH client based on an RSA key using RSA authentication. This
method uses SSH version 2.
1. On the SSH client (Unix machine), generate an RSA key, as shown in the following example.
2. Copy the public key id_rsa.pub to the Dell Networking system.
3. Disable password authentication if enabled.
CONFIGURATION mode
no ip ssh password-authentication enable
4. Bind the public keys to RSA authentication.
EXEC Privilege mode
ip ssh rsa-authentication enable
5. Bind the public keys to RSA authentication.
EXEC Privilege mode
ip ssh rsa-authentication my-authorized-keys flash://public_key
Example of Generating RSA Keys
admin@Unix_client#ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/admin/.ssh/id_rsa):
/home/admin/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/admin/.ssh/id_rsa.
Your public key has been saved in /home/admin/.ssh/id_rsa.pub.
Configuring Host-Based SSH Authentication
Authenticate a particular host. This method uses SSH version 2.
To configure host-based authentication, use the following commands.
1. Configure RSA Authentication. Refer to Using RSA Authentication of SSH.
2. Create shosts by copying the public RSA key to the file shosts in the directory .ssh, and write the IP
address of the host to the file.
cp /etc/ssh/ssh_host_rsa_key.pub /.ssh/shosts
Refer to the first example.
3. Create a list of IP addresses and usernames that are permitted to SSH in a file called rhosts.
Refer to the second example.
4. Copy the file shosts and rhosts to the Dell Networking system.
5. Disable password authentication and RSA authentication, if configured
CONFIGURATION mode or EXEC Privilege mode
no ip ssh password-authentication or no ip ssh rsa-authentication
6. Enable host-based authentication.
Security
821