System information

ManualsBrandsCisco ManualsComputer equipment5428 - SN Router

541

542

543

544

545

546

547

548

549

550

12-544

Cisco SN 5428-2 Storage Router Software Configuration Guide

78-15471-01

Chapter 12 Command Line Interface Reference

ssh keygen

To generate the SSH public and private key pair for the SN 5428-2 Storage Router, use the ssh keygen

command.

ssh keygen [bits nn]

Syntax Description

Defaults 1024 bit public and private keys are generated for the storage router.

Command Modes Administrator or Monitor.

Command History

Usage Guidelines The SN 5428-2 Storage Router supports Secure Shell (SSH) protocol (version 2) as a replacement for

Telnet for management sessions. SSH is a de-facto standard replacement for traditional Rlogin and

Telnet that provides heavy-duty encryption and authentication for interactive sessions.

The storage router supports a single SSH management session. SSH is enabled by default, but

connections are not accepted until host keys are generated using the ssh keygen command. SSH

connections accept the Monitor mode login for authentication only; you must issue the enable CLI

command to gain Administrator access.

If the SSH server is enabled and the SSH service is running, you can still restrict SSH access to the

storage router for specific interfaces by using the restrict command.

After generating public/private key pairs, use the show ssh fingerprint command to display SSH key

generation status and the current key information.

Examples The following is example output from the ssh keygen command, followed by the show ssh fingerprint

command. By default, the host key pair is generated using 1024-bit encryption.

[SN5428-2A]# ssh keygen

Generating all 1024 bit public/private key pairs

The time to complete this operation will vary with the key size.

Use 'show ssh fingerprint' to display status.

[SN5428-2A]# show ssh fingerprint

Key generation status is 'Idle'

1024 da:35:91:9a:fe:70:20:a7:b0:2f:d2:0e:b1:6c:6f:10 admin@SN5428-2A

1024 7f:5e:95:9c:3b:cc:10:eb:62:76:a4:88:48:08:2c:de /ata3/ssh/ssh_host_rsa_key.pub

1024 10:a6:aa:52:6a:ac:44:8a:6f:5f:21:2e:6b:1a:da:fa /ata3/ssh/ssh_host_dsa_key.pub

bits nn Specify the number of bits to be used for the key encryption. Enter a value

in the range of 512 to 3072. The default is 1024 bit.

Release Modification

3.2.1 This command was introduced.