When you need to enable the SSH SERVER service, use this command to generate a public key on
the SSH server and enable the SSH SERVER service by command enable service ssh-server at
the same time. SSH 1 uses the RSA key; SSH 2 uses the RSA or DSA key. Therefore, if a RSA key
has been generated, both SSH1 and SSH2 can use it. If only a DSA key is generated, only SSH2 can
use it.
Only DSA/RSA authentication is available for one connection. Also, the key algorithm may differ
in different client. Thus, it is recommended to generate both RSA and DSA keys so as to ensure
connection with the portal server.
RSA has a minimum modulus of 512 bits and a maximum modulus of 2,048 bits; DSA has a
minimum modulus of 360 bits and a maximum modulus of 2,048 bits. For some clients like SCP
clients, a 768-bit or more key is required. Thus, it is recommended to generate the key of 768
bits or more.
A key can be deleted by using the no crypto key generate command. The no crypto key
zeroize command is not available.
The following example generates an RSA key to the SSH server.
Ruijie# configure terminal
Ruijie(con fig)# crypto key generate rsa
To Next Page
Loading...
Need help?
General