ssh keygen host

Use these commands to create the SSH server host keys and public keys. These host keys are added to the SSH client's known_hosts file after the user accepts them.

Once an entry is added to known_hosts, every subsequent login to the server is validated against the stored host key. If the keys do not match, the user is prompted about the change in server identity.

Command syntax

ssh keygen host dsa (vrf (NAME|management)|) (force|)
ssh keygen host rsa (length <1024-4096>|) (vrf (NAME|management)|) (force|)
ssh keygen host ecdsa (length (256|384|521)|) (vrf (NAME|management)|) (force|)
ssh keygen host ed25519 (vrf (NAME|management)|) (force|)

Parameters

dsa

dsa keys

rsa

rsa keys

ecdsa

ecdsa keys

ed25519

ed25519 keys

force

Replace the old host key with the newly generated host key.

<1024-4096>

Number of bits to use when creating the SSH server key; this parameter is only valid for RSA keys (DSA keys have a default length of 1024).

vrf management

Defines the management VRF (Virtual Routing and Forwarding) instance.

vrf NAME

Specify the user-defined VRF instance name.

Default

DSA key has length of 1024 bits

RSA key has default length of 2048 bits

ECDSA key has default length of 521 bits

ED25519 key has length of 256 bits

Command Mode

Privileged execution mode

Applicability

This command was introduced in OcNOS version 5.0. Added parameter NAME in OcNOS version 6.5.3.

Examples

OcNOS#ssh keygen host rsa vrf management
OcNOS#
OcNOS#ssh keygen host ecdsa vrf management
OcNOS#
OcNOS#ssh keygen host ecdsa
%% ssh host key exists, use force option to overwrite
OcNOS#
OcNOS#ssh keygen host ecdsa force
OcNOS#
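
The known_hosts validation described at the top of this page, as an added Python example (not OcNOS or OpenSSH code): it parses a plain-text known_hosts entry, computes OpenSSH-style SHA256 fingerprints, and shows why a client reports a mismatch once a host key has been regenerated with force. The host name, address and key bytes are constructed placeholders, and hashed host entries are skipped for brevity.

```python
import base64
import hashlib
import struct

def make_blob(key_type: str, raw_key: bytes) -> bytes:
    """Build an SSH wire-format public key blob (used here for constructed data)."""
    t = key_type.encode()
    return struct.pack(">I", len(t)) + t + struct.pack(">I", len(raw_key)) + raw_key

def fingerprint(blob: bytes) -> str:
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_known_hosts(text: str) -> dict:
    """Map (host, key_type) -> key blob for plain (unhashed) entries."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        # Skip blanks, comments, @cert-authority/@revoked markers, hashed hosts.
        if not line or line[0] in "#@|":
            continue
        fields = line.split()
        if len(fields) < 3:
            continue
        hosts, key_type, b64 = fields[:3]
        for host in hosts.split(","):
            entries[(host, key_type)] = base64.b64decode(b64)
    return entries

def check_host(entries: dict, host: str, key_type: str, presented: bytes) -> str:
    """Return 'match', 'mismatch' (identity changed) or 'unknown' (first contact)."""
    stored = entries.get((host, key_type))
    if stored is None:
        return "unknown"
    return "match" if stored == presented else "mismatch"

# Constructed sample data: placeholder key bytes, documentation-range address.
OLD_KEY = make_blob("ssh-ed25519", bytes(range(32)))
NEW_KEY = make_blob("ssh-ed25519", bytes(range(1, 33)))  # as if regenerated with force
KNOWN_HOSTS = ("# constructed entry\nocnos-sw1.example,192.0.2.10 ssh-ed25519 "
               + base64.b64encode(OLD_KEY).decode() + "\n")

if __name__ == "__main__":
    entries = parse_known_hosts(KNOWN_HOSTS)
    for label, key in (("old", OLD_KEY), ("new", NEW_KEY)):
        print(label, fingerprint(key), check_host(entries, "192.0.2.10", "ssh-ed25519", key))
```

After a deliberate regeneration, compare the new fingerprint against one obtained out of band (for example from the device console) before replacing the stored known_hosts entry.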