When you need to enable the SSH Server service, use this command to generate a public key on the
SSH server and enable the SSH SERVER service by the enable service ssh-server command at
the same time. SSH 1 uses the RSA key; SSH 2 uses the RSA or DSA key. Therefore, if an RSA key
has been generated, both SSH1 and SSH2 can use it. If only a DSA key is generated, only SSH2 can
use it.
A client only adopts either a DSA or an RSA public-key algorithm to authenticate the
server in one connection. But different clients support different public-key algorithms, in
order to ensure clients can successfully log in to the server, it is recommended to
generate both the DSA and the RSA public-key pairs on the server.
The minimum length of the RSA host key and the DSA host key is 512 bits, and the
maximum is 2048 bits. In SSH2, some clients (such as the SCP file transmission clients)
may require the server to generate a key with the length longer than or equal to 768 bits.
It is recommended to specify the modules of the host key as or larger than 768 bits
when configure the RSA and DSA host keys.
A key can be deleted by using the crypto key zeroize command. The no crypto key
generate command is not available.
To Next Page
Loading...
Need help?
General