[unisog] c6500 & ssh keys

Doug Payne dwpayne at ist.uwaterloo.ca
Wed Apr 12 20:29:46 GMT 2006


On 12/04/2006 3:47 PM, Allen Rueter wrote:

> I have an expect script for our router, has anyone try exchanging
> ssh keys with a c6500, so one can login without a password?

I'm pretty sure that's not supported. From the IOS 'Configuring SSH' manual:

"RSA authentication available in SSH clients is not supported in the SSH 
server for Cisco IOS software."

Likewise there seems to be no equivalent to 'ip rcmd remote-host...' for 
ssh. However, with suitable config, `rsh` can be made to work without 
requiring passwords, albeit a bit less securely.

ip rcmd rsh-enable
ip rcmd remote-host <remote-user> <ip-address> <local-user> enable
line vty 0 <n>
  transport input telnet ...

% rsh xxxxxx show ver
Cisco Internetwork Operating System Software
IOS (tm) s72033_rp Software (s72033_rp-IPSERVICESK9_WAN-M), Version 
12.2(18)SXF3, RELEASE SOFTWARE (fc1)
...
cisco WS-C6509-E (R7000) processor (revision 1.2) with 458720K/65536K 
bytes of memory.
...

-- 
Doug Payne
Manager, Network Development, IST
University of Waterloo


More information about the unisog mailing list