Concept Guide
Usage Information
If you want to log in without being prompted for a password, log in through RSA authentication. To do that, rst
add the SSHv2 RSA public keys to the list of authorized keys. This command adds the specied RSA keys to the
following le: flash://ADMIN_DIR/ssh/authorized-keys-username (where username is the user
associated with this terminal).
NOTE: The no form of this command deletes the le flash://ADMIN_DIR/ssh/ authorized-
keys-username le.
Related Commands
show ip ssh rsa-authentication — displays the RSA authorized keys.
ip ssh rsa-authentication (Cong) — enables RSA authentication.
ip ssh server
Congure an SSH server.
Syntax
ip ssh server {ciphers cipher-list} {enable | port port-number} [kex key-
exchange-algorithm] [mac hmac-algorithm] [version {1 | 2}]
To disable SSH server functions, use the no ip ssh server {ciphers cipher-list} {enable |
port port-number} {kex key-exchange-algorithm command.
Parameters
enable Enter the keyword enable to start the SSH server.
ciphers cipher-list Enter the keyword ciphers and then a space-delimited list of ciphers that the SSH
server supports. The following ciphers are available.
• 3des-cbc
• aes128-cbc
• aes192-cbc
• aes256-cbc
• aes128-ctr
• aes192-ctr
• aes256-ctr
The default cipher list is used.
• 3des-cbc
• aes128-cbc
• aes192-cbc
• aes256-cbc
• aes128-ctr
• aes192-ctr
• aes256-ctr
mac
hmac-
algorithm
Enter the keyword mac then a space-delimited list of hash message authentication code
(HMAC) algorithms supported by the SSH server for keying hashing for the message
authentication.
Security 1197