From: Tarun Pahuja (pahujat@gmail.com)
Date: Sat Dec 01 2007 - 12:12:15 ART
Nicky,
SSH supports strong encryption and publick-key-based
authentication. Cisco IOS SSH authentication does not support SSH
Authentication using Digital certificates. However, you can configure
Cisco IOS router as a CA server and export the keys to a tftp server
or NVRAM.
http://www.cisco.com/en/US/tech/tk583/tk617/technologies_q_and_a_item09186a0080267e0f.shtml#qa6
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00802119a8.shtml
HTH,
Tarun
On 11/28/07, nicky noname <cisco2study@gmail.com> wrote:
> Hello,
>
>
> Is the standard ssh server configuration that we use, with RSA, considered
> Public Key encryption?
>
> I have been reading the DOC CD and it is not so clear. It seems that you
> generate a rsa key pair, export/ import rsa keys/ setup a trustpoint
> etc....( generate a PEM file or PKCS12 file). Do I need a certificate
> server?
>
> I am a little confused. There seems to be alot of different parts to Public
> key encrytion. I could also be over thinking this. Maybe all that is needed
> is configuring an ssh server with hostname and domain and usual.....and not
> looking at exchanging any keys?
>
> I would appreciate some expertise here. Please look at my question
> specifically in relation to Public Key Encryption.......not just managing
> devices with ssh ( generatingrsa keys)
>
> Thanks
> Nic
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Tue Jan 01 2008 - 12:04:28 ARST