User Guide

OmniAccess SafeGuard OS Administration Guide

Chapter 2: Accessing and Managing the System

The following example specifies how to download an SSH RSA1 key file from the TFTP server:

(SafeGuardOS) # copy tftp://180.29.52.20/keys nvram:sshkey-rsa1

(SafeGuardOS) #

Generating DSA, RSA, RSA Keys

The first time that SSH is enabled, the SafeGuard OS generates keys for DSA, RSA and

RSA1 which are not installed. The key deciphers the SSH encryption. To generate new

SSH keys, in Global Configuration mode use the ip ssh key generate command.

ip ssh key generate key

The following example generates all SSH keys:

(SafeGuardOS) #configure terminal

(SafeGuardOS) (config) #ip ssh key generate all

(SafeGuardOS) (config) #exit

(SafeGuardOS) #

Deleting DSA, RSA, RSA Keys

To delete all installed SSH keys, in Global Configuration mode enter the ip ssh key delete

command. The command has no parameters or variables.

The following example deletes all installed keys:

nvram:sshkey-rsa1 Specifies to download a SSH RSA1 key

file.

nvram:sshkey-rsa Specifies to download a SSH RSA2 key

file.

NOTE: In order to be in export compliance, the SafeGuard OS generates keys

that are just 56-bits in length. If you need a key that is larger than this, create

the key externally.

Syntax Description key Key to generate. Valid entries are:

■ DSA

■ RSA

■ RSA1

■ all

Specifying all generates all SSH keys.

If key is not specified, the command

generates any keys not currently installed.