Cisco Cisco SG300-28 28-Port Gigabit Managed Switch Technical References

SSH Client Commands

122

78-20269-01 Command Line Interface Reference Guide

User Guidelines

When using the keyword generate, a private key and a public key of the given type
(RSA/DSA) are generated for the SSH client. Downloading a configuration file with
a Key Generating command is not allowed, and such download will fail.

When using the keyword key-pair, the user can import a key-pair created by
another device. In this case, the keys must follow the format specified by RFC
4716.

If the specified key already exists, a warning will be issued before replacing the
existing key with a new key.

Use the no ip ssh-client key command to remove a key pair. Use this command
without specifying a key-type to remove both key pairs.

Table 3

describes the expected behavior of keys, default and users within the

various operations.

If no keys are included in text-based configuration file, the device generates it’s
own keys during initialization. If the Running Configuration contains default keys
(not user-defined), the same default keys remain.

Examples

Example 1 - In the following example, a key pair of the RSA type is created:

switchxxxxxx(config)

# ip ssh-client key rsa generate

The SSH service is generating a private RSA key.

Table 3:

Keys, Defaults and Users

From/To

Show

Show (detailed)

Copy/Upload of
Running Config

Copy/Upload of
Startup Config

Download
text-based CLI
(TFTP/Backup)

Startup Config

Only
user-defined.

N/A

All keys (default
and user)

N/A

All keys (default
and user)

Running Config

Keys are not
displayed.

All keys (default
and user)

N/A

Only user
defined.

Same as user
configuration

Text-based CLI
(TFTP/Backup)

As it was
copied.

N/A

All keys (default
and user)

Only user
defined.

As a text file.