Filter
Top Products
86
Enhancements in Release F.04.08
Configuring Secure Shell (SSH)
To Generate or Erase the Switch’s Public/Private RSA Host Key Pair. Because the host key
pair is stored in flash instead of the running-config file, it is not necessary to use write memory to save
the key pair. Erasing the key pair automatically disables SSH.
Syntax: crypto key generate [rsa] Generates a public/private key pair for
the switch. If a switch key pair already exists, replaces
it with a new key pair. (See the Note, above.)
crypto key zeroize [rsa] Erases the switch’s public/private key pair
and disables SSH operation.
show ip ssh host-public-key Displays switch’s public key as an ASCII string.
[ babble ] Displays a hash of the switch’s public key in phonetic
format. (See “Displaying the Public Key” on page 88.)
[ fingerprint ] Displays a "fingerprint" of the switch’s public key in
hexadecimal format. (See "Displaying the Public Key"
on page 88.)
For example, to generate and display a new key:
Figure 31. Example of Generating a Public/Private Host Key Pair for the Switch
Notes
"Zeroizing" the switch’s key automatically disables SSH (sets IP SSH to No). Thus, if you zeroize the
key and then generate a new key, you must also re-enable SSH with the ip ssh command before the
switch can resume SSH operation.
Host Public Key
for the Switch