[j-nsp] passing RSA keys via Radius

Noah Garrett Wallach noah-list at enabled.com
Tue Sep 1 14:09:48 EDT 2009

Bjørn Mork wrote:
> Noah Garrett Wallach <noah-list at enabled.com> writes:
>> Is it really necessary to have RSA Auth Manager?  I am hoping that I
>> can send a key from any radius server to the Juniper.  is that at all
>> possible?
> I wonder if there was some confusion wrt what you're trying to achieve.
> I assume that you want to let RADIUS return a RSA public key which the
> router can use for ssh key authentication?
> If so, then I'm afraid it can't be done with JUNOS.  At least I've
> searched for the same feature without finding it...  There is no
> standardized RADIUS attribute for this AFAIK, and the list of Juniper
> VSAs does not include any such attribute either:
> http://www.juniper.net/techpubs/software/junos/junos93/swconfig-system-basics/configuring-radius-authentication.html
> Too bad. Having to configure all routers with the public keys of all
> users makes it unnecessarily difficult to use ssh key authentication.

You have answered my question - thank you.  but its an unfortunate answer

> Bjørn

More information about the juniper-nsp mailing list