[j-nsp] JNCIP Question about ssh-rsa key

Nam, Nguyen Hoang nhnam at j-protek.net
Thu Aug 20 21:45:22 EDT 2009 

Hi !
                Thanks a lot for your help.

                I can do it now.

                Thanks and Best Regards.

                Nam

From: Dmitry Perelman [mailto:dmitrynyc at gmail.com]
Sent: Thursday, August 20, 2009 21:49 PM
To: Nam, Nguyen Hoang
Cc: juniper-nsp at puck.nether.net
Subject: [?? Probable Spam] Re: [j-nsp] JNCIP Question about ssh-rsa key

The key format in the JNCIP book looks like it's SSH1 format, meaning the "1024 65537" portion is part of the key produced by the client. If you are adding 1024 in front of the "ssh-rsa" of an SSH2 public key, the router will reject it because it is not in either format SSH1 or SSH2.

If you plan on using SSH2 start with "ssh-rsa" in the pub file.
You can test the SSH1 key in the book by manually copying it in starting at "1024"


On Wed, Aug 19, 2009 at 9:08 PM, Nam, Nguyen Hoang <nhnam at j-protek.net<mailto:nhnam at j-protek.net>> wrote:
Dear all !

I have problem when config ssh-rsa key in JNCIP example :

root at r1# show root-authentication

encrypted-password  $1$n/lx3$RNtF9uDlCsMsAL8gi/qA31 ; # SECRET-DATA ssh-rsa  1024 65537

14507521839282798432482521835023055326381401663452058669080886491465544700784

392

81114055822376198290722320666268020211763429857348456378696103199986915461962

494

35479692894437417780898017483440313841107367122670080439972894195679320796753

410

731222833899141869327583231170906047985814682544941905107416839803283 root ; # SECRET-DATA



When I config ssh-rsa key  begin "1024 ....

I see the following error : Must follow SSHv2 or SSHv1 RSA key format



When I config ssh-rsa key begin "ssh-rsa .... " It's OK



I use Junos version 8.5R3.4



When I don't use ssh-rsa key, I also can ssh to router.





My question is how to config ssh-rsa to affect the authentication



Thanks and Best Regards.



Nam

_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>
https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list