8-12
Configuring Secure Shell (SSH)
Configuring the Switch for SSH Operation
Figure 8-5. Example of Generating a Public/Private Host Key Pair for the Switch
If you wish to compare the switch key to the key as stored in your client's
known-hosts file, the formatting and commands need not match.
Notes "Zeroizing" the switch’s key automatically disables SSH (sets ip ssh to no).
Thus, if you zeroize the key and then generate a new key, you must also re-
enable SSH with the ip ssh command before the switch can resume SSH
operation.
Configuring Key Lengths
The crypto key generate ssh command allows you to specify the type and length
of the generated host key. The size of the host key is platform-dependent as
different switches have different amounts of processing power. The size is
represented by the <keysize> parameter and has the values shown in
Table 8-2. The default value is used if keysize is not specified.
HP Switch(config)# crypto key generate ssh rsa
Installing new key pair. If the key/entropy cache is
depleted, this could take up to a minute.
HP Switch(config)# show crypto host-public-key
SSH host public key:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNwBMXZ9vYG+YxtV+KQeQQ+R8RKx47lxs14jPImBoV
qUmK1iyK3WGhv0Fsks9ZtATjidybwPjmfd2Lup1INUjemquL2C0YRXo4MULfrqioWTco4mlFliftypj5
gLvYeYFT/9CpoxMF4YrTUyjc90UfIf3et3fahaZ4KgLQjnXV1b8AWWsDZRv7niq8A1emqgts3HuAk59L
vFYsMkvLV2a7qoks1auqW8otRHgv/QsWtxfuoYUvVnXDiZFKeent34+sQnIvy1wJAmukCmM3zp434eTe
h87/2Oer612mlAwRq5qPFtTAZlsf8LGipjKftW6dq8uq9tYtTtQWO09Mi65L
Host Public
Key for the
Switch
Table 8-2. RSA/DSA Values for Various HP Networking Switches
Platform Maximum RSA Key Size (in bits) DSA Key Size (in bits)
5400/3500/6200/8200/2900 1024, 2048, 3072
Default: 2048
1024
4200/2900/2810/2610/2510 1024, 2048
Default: 2048
1024
5300/2800/3400/2600 896 512
To Next Page
Loading...
Need help?
General