Can a Cisco Device use RSA authentication for SSH

Chuck Swiger cswiger at mac.com
Tue Jun 5 20:49:40 UTC 2007


On Jun 5, 2007, at 12:46 PM, Martin McCormick wrote:
> A person in our group is trying to scp files from a Cisco IOS
> device to a FreeBSD work station. The Cisco box uses an RSA key
> and sshd on the FreeBSD system won't recognize the algorithm.
> The error message on the Cisco side of things looks like:
>
>    000039: Jun  5 14:13:59.623 CDT: SSH2 0: hostkey algo not  
> supported:
>    client ssh-rsa, server ssh-dss
>
> Is there a safe way to make this work?

I'd imagine that you can use ssh-keygen to generate a replacement  
RSA1 or RSA2 host key rather than a DSA key:

   /usr/bin/ssh-keygen -t rsa1 -b 1024 -f /etc/ssh/ssh_host_key -N ''

...or "-t rsa" for a protocol-2 RSA key, if the Cisco can deal with  
those.

-- 
-Chuck



More information about the freebsd-questions mailing list