Configuration Guide Configuring SSH
Only SSHv2 supports public key authentication. This configuration associates a public key file on the
client with a user name. When a client logs in, the public key file used to authenticate it is selected based on the user name.
Verification
Run the show ip ssh command to display the current SSH version, authentication timeout, and maximum number of
authentication retries of the SSH server.
Run the show crypto key mypubkey command to display the public part of the key and verify that the
key has been generated.
Configure the public key authentication login mode on the SSH client and specify the private key file. Check whether
you can successfully log in to the SSH server from the SSH client. If the login succeeds, the public key file on the client is
correctly associated with the user name, and public key authentication succeeds.
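The client-side login check above can be made unambiguous by allowing public key authentication only, so that a password fallback cannot hide a failed key association. The following is an added example for an OpenSSH client, not part of the original guide; the function names, the key path and the user@host target are assumptions, and an RSA key is assumed because OpenSSH 7.0 and later disable DSA (ssh-dss) keys by default.

```shell
#!/bin/sh
# Added example (not from the guide): confirm that a login to the SSH server
# was authenticated by the public key and not by another method.

# Constructed sample of `ssh -v` debug output, used only for illustration.
SAMPLE_LOG='debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /home/admin/.ssh/id_rsa RSA SHA256:CONSTRUCTED explicit
debug1: Authentication succeeded (publickey).'

# Read `ssh -v` output on stdin and print the method that authenticated.
auth_method() {
    sed -n 's/^debug1: Authentication succeeded (\([a-z-]*\))\.*$/\1/p' | head -n 1
}

# The private key file must exist and grant nothing to group or others;
# OpenSSH ignores a private key whose permissions are too open.
key_perms_ok() {
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Usage: verify_pubkey_login /path/to/private_key user@host
# Returns 0 only if the session was authenticated with the public key.
# BatchMode disables every prompt, so the server host key must already be
# in known_hosts and a passphrase-protected key must be loaded in an agent.
verify_pubkey_login() {
    key=$1
    target=$2
    key_perms_ok "$key" || { echo "unusable key file: $key" >&2; return 2; }
    # Only the authentication result is parsed, so it does not matter
    # whether the server accepts the trailing "exit" command.
    method=$(ssh -v -n -i "$key" \
        -o IdentitiesOnly=yes \
        -o BatchMode=yes \
        -o PreferredAuthentications=publickey \
        -o PasswordAuthentication=no \
        -o ConnectTimeout=10 \
        "$target" exit 2>&1 | auth_method)
    [ "$method" = "publickey" ]
}
```

A non-zero return from verify_pubkey_login means the key was not accepted for that user name, even if an interactive login with a password would still succeed.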
Related Commands
Enabling the SSH Server
Command: enable service ssh-server
Command mode: Global configuration mode
Usage guide: To disable the SSH server, run the no enable service ssh-server command in global configuration mode.
After this command is executed, the SSH server state changes to DISABLE.
Disconnecting an Established SSH Session
Command: disconnect ssh [vty] session-id
Parameter description:
vty: Indicates an established virtual teletype terminal (VTY) session.
session-id: Indicates the ID of the established SSH session. The value ranges from 0 to 35.
Usage guide: Specify an SSH session ID to disconnect the established SSH session. Alternatively, specify a VTY session
ID to disconnect a specified SSH session. Only an SSH session can be disconnected.
Generating an SSH Key
Command: crypto key generate {rsa|dsa}
Parameter description:
rsa: Generates an RSA key.
dsa: Generates a DSA key.
Command mode: Global configuration mode
Usage guide: The no crypto key generate command does not exist. You need to run the crypto key zeroize command
to delete a key.