[j-nsp] JNCIP Question about ssh-rsa key
Dmitry Perelman
dmitrynyc at gmail.com
Thu Aug 20 10:49:04 EDT 2009
The key format in the JNCIP book looks like it's SSH1 format, meaning the
"1024 65537" portion is part of the key produced by the client. If you are
adding 1024 in front of the "ssh-rsa" of an SSH2 public key, the router will
reject it because it is not in either format SSH1 or SSH2.
If you plan on using SSH2 start with "ssh-rsa" in the pub file.
You can test the SSH1 key in the book by manually copying it in starting at
"1024"
On Wed, Aug 19, 2009 at 9:08 PM, Nam, Nguyen Hoang <nhnam at j-protek.net>wrote:
> Dear all !
>
> I have problem when config ssh-rsa key in JNCIP example :
>
> root at r1# show root-authentication
>
> encrypted-password $1$n/lx3$RNtF9uDlCsMsAL8gi/qA31 ; # SECRET-DATA ssh-rsa
> 1024 65537
>
>
> 14507521839282798432482521835023055326381401663452058669080886491465544700784
>
> 392
>
>
> 81114055822376198290722320666268020211763429857348456378696103199986915461962
>
> 494
>
>
> 35479692894437417780898017483440313841107367122670080439972894195679320796753
>
> 410
>
> 731222833899141869327583231170906047985814682544941905107416839803283 root
> ; # SECRET-DATA
>
>
>
> When I config ssh-rsa key begin "1024 ....
>
> I see the following error : Must follow SSHv2 or SSHv1 RSA key format
>
>
>
> When I config ssh-rsa key begin "ssh-rsa .... " It's OK
>
>
>
> I use Junos version 8.5R3.4
>
>
>
> When I don't use ssh-rsa key, I also can ssh to router.
>
>
>
>
>
> My question is how to config ssh-rsa to affect the authentication
>
>
>
> Thanks and Best Regards.
>
>
>
> Nam
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list