[c-nsp] Confirming an IOS ssh key?
Curtis Doty
Curtis at GreenKey.net
Fri Feb 24 20:50:26 EST 2006
Ed Ravin wrote:
> After setting up SSH on an IOS device, is it possible to get a
> key fingerprint or otherwise dump out the key so you can either
> match the fingerprint the first time you log in to the device from
> a Unix machine, or pre-initialize the contents of your "known_hosts"
> file so the router is recognized immediately without an annoying warning?
>
> I found "show crypto key mypubkey rsa" in the CLI, but I don't see
> how I can use that information. I note with regret that the keys
> are marked non-exportable in the output.
>
From your favorite host running OpenSSH, running "ssh-keyscan -t rsa
ios-device.example.com" will spit out the public side of the ssh2
encryption key in known_hosts format.
../C
More information about the cisco-nsp
mailing list