[c-nsp] Confirming an IOS ssh key?

Curtis Doty Curtis at GreenKey.net
Fri Feb 24 20:50:26 EST 2006

Ed Ravin wrote:
> After setting up SSH on an IOS device, is it possible to get a
> key fingerprint or otherwise dump out the key so you can either
> match the fingerprint the first time you log in to the device from
> a Unix machine, or pre-initialize the contents of your "known_hosts"
> file so the router is recognized immediately without an annoying warning?
> I found "show crypto key mypubkey rsa" in the CLI, but I don't see
> how I can use that information.  I note with regret that the keys
> are marked non-exportable in the output.

 From your favorite host running OpenSSH, running "ssh-keyscan -t rsa 
ios-device.example.com" will spit out the public side of the ssh2 
encryption key in known_hosts format.


More information about the cisco-nsp mailing list