Step 3 Export the public and private keys from the home directory of the Cisco NX-OS device to the specified bootflash directory.
Example:
switch(config)# username admin keypair export bootflash:key_rsa rsa
Enter Passphrase:
switch(config)# dir
.
.
.
951 Jul 09 11:13:59 2013 key_rsa
221 Jul 09 11:14:00 2013 key_rsa.pub
.
.
Step 4 After copying these two files to another Cisco NX-OS device using the copy scp or copy sftp command, import them
to the home directory of the Cisco NX-OS device.
Example:
switch(config)# username admin keypair import bootflash:key_rsa rsa
Enter Passphrase:
switch(config)# show username admin keypair
**************************************
rsa Keys generated: Thu Jul 9 11:10:29 2013
ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAIEAxWmjJT+oQhIcvnrMbx2BmD0P8boZElTfJ
Fx9fexWp6rOiztlwODtehnjadWc6A+DE2DvYNvqsrU9TBypYDPQkR/+Y6cKubyFW
VxSBG/NHztQc3+QC1zdkIxGNJbEHyFoajzNEO8LLOVFIMCZ2Td7gxUGRZc+fbq
S33GZsCAX6v0=
bitcount:262144
fingerprint:
8d:44:ee:6c:ca:0b:44:95:36:d0:7d:f2:b5:78:74:7d
**************************************
could not retrieve dsa key information
**************************************
switch(config)#
Step 5 On the SCP or SFTP server, append the public key stored in key_rsa.pub to the authorized_keys file.
Example:
$ cat key_rsa.pub >> $HOME/.ssh/ authorized_keys
You can now copy files from the Cisco NX-OS device to the server without a password using standard SSH and SCP
commands.
Step 6 (Optional) Repeat this procedure for the DSA keys.
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
152
Configuring SSH and Telnet
Configuration Example for SSH Passwordless File Copy
To Next Page
Loading...
