API Guide
ip ssh server pubkey-authentication
Enables public key authentication for the SSH server.
Syntax
ip ssh server pubkey-authentication
Parameters None
Default Enabled
Command Mode CONFIGURATION
Usage
Information
Supported on the MX9116n and MX5108n switches in Full Switch mode starting in release 10.4.0E(R3S).
Also supported in SmartFabric mode starting in release 10.5.0.1.
The no version of this command disables the public key authentication.
Example
OS10(config)# ip ssh server pubkey-authentication
Supported
Releases
10.3.0E or later
ip ssh server vrf
Configures an SSH server for the management or non-default VRF instance.
Syntax
ip ssh server vrf {management | vrf-name}
Parameters
● management — Configures the management VRF instance to reach the SSH server.
● vrf-name — Enter the VRF instance used to reach the SSH server.
Default Not configured
Command Mode CONFIGURATION
Usage
Information
The SSH server uses the management VRF.
Example
OS10(config)# ip ssh server vrf management
OS10(config)# ip ssh server vrf vrf-blue
Supported
Releases
10.4.0E(R1) or later
show crypto ssh-key
Displays the current host public keys used in SSH authentication.
Syntax
show crypto ssh-key {rsa | ecdsa | ed25119}
Parameters
● rsa — Displays the RSA public key.
● ecdsa — Displays the ECDSA public key.
● ed25519 — Displays the Ed25519 key.
Default Not configured
Command Mode EXEC
Usage
Information
After you regenerate an SSH server key with a customized bit size, disable and re-enable the SSH server to
use the new public keys. To verify the changes, use the show crypto command.
If a remote SSH client uses strict host-key checking, copy a newly generated host key to the list of known
hosts on the client device.
1044 Security