Manualshelf

API Guide

ManualsBrandsDell ManualsAccess PlatformsEMC Networking MX9116n
1031103210331034103510361037103810391040
it fails, the number of max-auth-tries is reduced by one. In this case, if you configured ip ssh server max-auth-
tries 1, the password prompt does not display.
Regenerate public keys
When enabled, the SSH server generates public keys by default and uses them for client authentication:
A Rivest, Shamir, and Adelman (RSA) key using 2048 bits.
An Elliptic Curve Digital Signature Algorithm (ECDSA) key using 256 bits
An Ed25519 key using 256 bits
NOTE: RSA1 and DSA keys are not supported on the OS10 SSH server.
An SSH client must exchange the same public key to establish a secure SSH connection to the OS10 switch. If necessary, you
can regenerate the keys used by the SSH server with a customized bit size. You cannot change the default size of the Ed25519
key. The crypto key generate command is available only to the sysadmin and secadmin roles.
1. Regenerate keys for the SSH server in EXEC mode.
crypto ssh-key generate {rsa {2048|3072|4096} | ecdsa {256|384|521} | ed25519}
2. Enter yes at the prompt to overwrite an existing key.
Host key already exists. Overwrite [confirm yes/no]:yes
Generated 2048-bit RSA key
3. Display the SSH public keys in EXEC mode.
show crypto ssh-key
After you regenerate SSH public keys, disable and re-enable the SSH server to use the new public keys. Restarting the SSH
server does not impact current OS10 sessions.
SSH commands
crypto ssh-key generate
Regenerates the public keys used in SSH authentication.
Syntax
crypto ssh-key generate {rsa bits | ecdsa bits | ed25519}
Parameters
rsa bits Regenerates the RSA key with the specified bit size: 2048, 3072, or 4096; default
2048.
ecdsa bits Regenerates the ECDSA key with the specified bit size: 256, 384, or 521; default
256.
ed25519 Regenerates the Ed25519 key with the default bit size.
Default The SSH server uses default public key lengths for client authentication:
RSA key: 2048 bits
ECDSA key : 256 bits
Ed25519 key: 256 bits
Command Mode EXEC
Usage
Information
If necessary, you can regenerate the public keys used by the SSH server with a customized bit size. You
cannot change the default size of the Ed25519 key. The crypto ssh-key generate command is
available only to the sysadmin and secadmin roles.
Example
OS10# crypto ssh-key generate rsa 4096
Host key already exists. Overwrite [confirm yes/no]:yes
Generated 4096-bit RSA key
OS10#
Security 1039