Buy or Renew
Buy or Renew
Welcome to the new Cisco Community. LEARN MORE about the updates and what is coming.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
762
Views
0
Helpful
0
Replies

SSH Host Key - Which Key Is Used to Calculate It?

googleboy
Beginner
Beginner

‎08-07-2020 07:47 AM - edited ‎08-07-2020 08:26 AM

I am trying to understand what is going on form the router output shown below. Which of the following public keys in the first router output is used to calculate the SECSH formated SSH host key (in red text) as show in the second router output?

R1(config)#do show crypto key mypubkey all     
% Key pair was generated at: 01:48:41 CDST Aug 4 2020
Key name: john.cisco.com
Key type: RSA KEYS
 Storage Device: not specified
 Usage: General Purpose Key
 Key is not exportable. Redundancy enabled.
 Key Data:
  <-- removed for brevity -->
% Key pair was generated at: 01:49:14 CDST Aug 4 2020
Key name: john.ibm.com
Key type: RSA KEYS
 Storage Device: not specified
 Usage: General Purpose Key
 Key is not exportable. Redundancy enabled.
 Key Data:
  <-- removed for brevity -->
% Key pair was generated at: 01:50:31 CDST Aug 4 2020
Key name: john.abc.com
Key type: RSA KEYS
 Storage Device: not specified
 Usage: General Purpose Key
 Key is not exportable. Redundancy enabled.
 Key Data:
  <-- removed for brevity -->
% Key pair was generated at: 07:48:43 CDST Aug 7 2020
Key name: john.cisco.com.server
Key type: RSA KEYS
Temporary key
 Usage: Encryption Key
 Key is not exportable. Redundancy enabled.
 Key Data:
  <-- removed for brevity -->
% Key pair was generated at: 07:53:50 CDST Aug 7 2020
Key name: R1.cisco.com
Key type: RSA KEYS
 Storage Device: not specified
 Usage: General Purpose Key
 Key is not exportable. Redundancy enabled.
 Key Data:
  <-- removed for brevity -->
R1(config)#

Below is the second output block

R1(config)#do show ip ssh
SSH Enabled - version 1.5
Authentication methods:publickey,keyboard-interactive,password
Encryption Algorithms:aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
MAC Algorithms:hmac-sha1,hmac-sha1-96
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 2048 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded):
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAQQCfR8mz4FVxiXrNfTA+xGkhFCR1mHWhIGL1qsdemsTI
6HUQqPmekuwakbO7j+sCYAlOFR5/QZKSOeIDCbfEGXAH                                    
R1(config)#

 

0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents