Cisco Cisco Email Security Appliance C170 Guía Del Usuario
34-48
Cisco AsyncOS 8.0.2 for Email User Guide
Chapter 34 Logging
Log Subscriptions
Configuring Host Keys
Use the
logconfig -> hostkeyconfig
subcommand to manage host keys for use with SSH when
pushing logs to other servers from the Cisco appliance. SSH servers must have a pair of host keys, one
private and one public. The private host key resides on the SSH server and cannot be read by remote
machines. The public host key is distributed to any client machine that needs to interact with the SSH
server.
private and one public. The private host key resides on the SSH server and cannot be read by remote
machines. The public host key is distributed to any client machine that needs to interact with the SSH
server.
Note
To manage user keys, see
The
hostkeyconfig
subcommand performs the following functions:
In the following example, AsyncOS scans for host keys and add them for the host:
Mon Feb 21 23:18:10 2011 Info: PID 19626: User admin commit changes:
Mon Feb 21 23:18:10 2011 Info: PID 274: User system commit changes: Updated filter logs
config
Mon Feb 21 23:46:06 2011 Info: PID 25696: User admin commit changes: Receiving
suspended.
^C
mail3.example.com>
Table 34-37
Managing Host Keys - List of Subcommands
Command
Description
New
Add a new key.
Edit
Modify an existing key.
Delete
Delete an existing key.
Scan
Automatically download a host key.
Print
Display a key.
Host
Display system host keys. This is the value to place in the remote system's
‘known_hosts’ file.
‘known_hosts’ file.
Fingerprint
Display system host key fingerprints.
User
Display the public key of the system account that pushes the logs to the remote
machine. This is the same key that is displayed when setting up an SCP push
subscription. This is the value to place in the remote system's 'authorized_keys'
file.
machine. This is the same key that is displayed when setting up an SCP push
subscription. This is the value to place in the remote system's 'authorized_keys'
file.
mail3.example.com> logconfig
Currently configured logs:
[ list of logs ]