SSH Keys on Network Devices

I got an opportunity to upgrade my Cisco 2960G switch to something supporting SSH keys (12.2(58)SE2). I wanted to know how the process compares with my Juniper EX switches.

I’m assuming that you already have a user, and that SSH is enabled, and I’m not discussing SSH versions, or security implications. Only the process each vendor makes me jump through.

The Cisco process looks like this:

ip ssh pubkey-chain
    username foo
    key-string (copy and paste the pubkey (some devices don't support
        more than 254 characters, so you'll have to divvy up the key
        into chunks and paste each chunk on its own line) )
    exit
exit

The Juniper process looks like this:

set system login user foo authentication ssh-rsa "public-key"

If I look at my SSH public key (4k), it shows up as the equivalent of 10 lines. On the Cisco, I’m typing/pasting 15 lines. On the Juniper, I’m typing/pasting 1 (albeit long) line.

It took a bit of googling to find the information about IOS not supporting more than 254 characters on a line. It fails to tell you anything itself, but rather beeps (obvious, right?) and the key of course isn’t valid, so it ignores it.

Why must the IOS interface be so awkward?
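
Added example, not part of the original post: a small Python helper that sanity-checks an OpenSSH public key line and emits the Cisco stanza shown above with the key split into lines of at most 254 characters, so a truncated paste is caught before it reaches the switch. The function names, the constructed placeholder key and the choice to drop the key comment are assumptions of this example.

```python
import base64
import struct

IOS_LINE_LIMIT = 254  # per-line limit reported in the post


def parse_pubkey(line):
    """Return (key_type, base64_blob) after checking the blob is well formed."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, b64 = fields[0], fields[1]
    blob = base64.b64decode(b64, validate=True)  # rejects truncated/garbled base64
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with a length-prefixed copy of the key type.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode("ascii"):
        raise ValueError("key type does not match the encoded blob")
    return key_type, b64


def chunk(text, width=IOS_LINE_LIMIT):
    """Split text into pieces no longer than width."""
    return [text[i:i + width] for i in range(0, len(text), width)]


def ios_config(user, pubkey_line, width=IOS_LINE_LIMIT):
    """Build the pubkey-chain stanza; the key comment is dropped (example choice)."""
    key_type, b64 = parse_pubkey(pubkey_line)
    lines = ["ip ssh pubkey-chain", f" username {user}", " key-string"]
    lines += chunk(f"{key_type} {b64}", width)  # flush left: no indent eats into the limit
    lines += [" exit", "exit"]
    return "\n".join(lines)


def constructed_rsa_pubkey(bits=4096):
    """Constructed sample: structurally valid ssh-rsa line, NOT a usable key."""
    def ssh_string(b):
        return struct.pack(">I", len(b)) + b
    modulus = b"\x00" + b"\xab" * (bits // 8)  # placeholder bytes, not a real modulus
    blob = ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01") + ssh_string(modulus)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " foo@constructed"


if __name__ == "__main__":
    print(ios_config("foo", constructed_rsa_pubkey()))
```

To use it with a real key, pass the contents of the `.pub` file to `ios_config` in place of the constructed sample.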
