Importing authorized public keys into the device – Brocade BigIron RX Series Configuration Guide User Manual

Page 1075

Advertising
background image

BigIron RX Series Configuration Guide

997

53-1002484-04

Configuring SSH

31

1. Importing authorized public keys into the device.

2. Enabling DSA challenge response authentication

Importing authorized public keys into the device

SSH clients that support DSA authentication normally provide a utility to generate an DSA key pair.
The private key is usually stored in a password-protected file on the local host; the public key is
stored in another file and is not protected. You should collect one public key from each client to be
granted access to the device and place all of these keys into one file. This public key file is imported
into the device.

The following is an example of a public key file containing one public keys.

You can import the authorized public keys into the active configuration by loading them from a file
on a TFTP server and are saved on the EEPROM of the device. If you import a public key file from a
TFTP server, the file is automatically loaded into the active configuration the next time the device is
booted.

NOTE

You must ensure the format is followed before the key is TFTPed to the Brocade device.

NOTE

The public key may not be effective after download using Linux and Secure CRT. If the file is not
constructed properly, you will receive an error message while loading. You must fix the key files and
load them again.

To cause a public key file called pkeys.txt to be loaded from a TFTP server each time the device is
booted, enter a command such as the following.

BigIron RX(config)# ip ssh pub-key-file tftp 192.168.1.234 pkeys.txt

Syntax: ip ssh pub-key-file tftp | <tftp-server-ip-addr> <filename> [remove]

The <tftp-server-ip-addr> variable is the IP address of the tftp server that contains the public key
file that you want to import into the Brocade device.

The <filename> variable is the name of the dsa public key file that you want to import into the
Brocade device.

The remove parameter deletes the key from the system.

To display the currently loaded public keys, enter the following command.

---- BEGIN SSH2 PUBLIC KEY ----

Comment: DSA Public Key

AAAAB3NzaC1kc3MAAACBAPY8ZOHY2yFSJA6XYC9HRwNHxaehvx5wOJ0rzZdzoSOXxbET

W6ToHv8D1UJ/

z+zHo9Fiko5XybZnDIaBDHtblQ+Yp7StxyltHnXF1YLfKD1G4T6JYrdH YI14Om

1eg9e4NnCRleaqoZPF3UGfZia6bXrGTQf3gJq2e7Yisk/gF+1VAAAAFQDb8D5cv

wHWTZDPfX0D2s9Rd7NBvQAAAIEAlN92+Bb7D4KLYk3IwRbXblwXdkPggA4pfdtW9v

GfJ0/RHd+NjB4eo1D+0dix6tXwYGN7PKS5R/FXPNwxHPapcj9uL1Jn2AWQ2dsknf+i/FAA

vioUPkmdMc0zuWoSOEsSNhVDtX3WdvVcGcBq9cetzrtOKWOocJmJ80qadxTRHtUAAACB

AN7CY+KKv1gHpRzFwdQm7HK9bb1LAo2KwaoXnadFgeptNBQeSXG1vO+JsvphVMBJc9HS

n24VYtYtsMu74qXviYjziVucWKjjKEb11juqnF0GDlB3VVmxHLmxnAz643WK42Z7dLM5

sY29ouezv4Xz2PuMch5VGPP+CDqzCM4loWgV

---- END SSH2 PUBLIC KEY ----

Advertising
Popular Brands
Popular manuals