Руководство По Установке для Cisco Cisco Packet Data Gateway (PDG)
Initial System Configuration
▀ Configuring SSH Options
▄ ASR 5500 Installation Guide
128
Generating SSH Keys
The ssh generate command generates a public/private key pair which is to be used by the SSH server. The v1-rsa
keyword has been removed from and the v2-dsa keyword concealed within the ssh generate CLI command. The only
keyword available for generating SSH keys is v2-rsa.
keyword has been removed from and the v2-dsa keyword concealed within the ssh generate CLI command. The only
keyword available for generating SSH keys is v2-rsa.
Important:
The generated key pair remains in use until the command is issued again.
Step 1
Enter the context configuration mode:
[local]host_name(config)# context context_name
[local]host_name(config-ctx)#
[local]host_name(config-ctx)#
Step 2
Generate an SSH key pair.
[local]host_name(config-ctx)# ssh generate key type v2-rsa
[local]host_name(config-ctx)#
[local]host_name(config-ctx)#
Setting SSH Key Pair
The ssh key command sets the public/private key pair to be used by the system. The v2-dsa keyword is concealed in the
ssh key command.
ssh key command.
Step 1
Specify the SSH key pair parameters.
[local]host_name(config-ctx)# ssh key data length octets type v2-rsa
Notes:
data is the encrypted key expressed as an alphanumeric string of 1 through 1023 characters
length octets is the length of the encrypted key in octets expressed as an integer from 0 through 65535
type specifies the key type; v2-rsa is the only supported type.
Specifying SSH Encryption Ciphers
The SSH Configuration mode ciphers CLI command configures the cipher priority list in sshd for SSH symmetric
encryption. It changes the cipher options for that context.
encryption. It changes the cipher options for that context.
Step 1
Enter the SSH Configuration mode.
[local]host_name(config-ctx)# server sshd
Step 2
Specify the desired encryption algorithms.
[local]host_name(config-sshd)# ciphers algorithm
Notes:
algorithm is a string of 1 through 511 alphanumeric characters that specifies the algorithm(s) to be used as a
single string of comma-separated variables (no spaces) in priority order from those shown below:
blowfish-cbc – symmetric-key block cipher, Cipher Block Chaining, (CBC)
3des-cbc – Triple Data Encryption Standard, CBC