ssh host keys on WLC

bgoulet00
Level 1

How do you properly configure SSH keys on a WLC?  On IOS I normally set the domain name of our organization on the system and then use the "crypto key generate rsa" command.  I have found the WLC "network ssh host-key generate" command but can't find a way to set the domain name.  I also don't see any way to specify the cypher or key size and can't find any documentation on what the default cypher and key size are.  Do I need to install a certificate and use "ssh host-key use-device-certificate-key" instead if I want control over those items?

4 Replies

Amjad Abdullah
VIP Alumni

This is a valuable question that I could not answer.
I think Saravanan can help us at this point.
Saravanan where are you? :-)

Sent from Cisco Technical Support iPad App

Rating useful replies is more useful than saying "Thank you"

Stephen Rodriguez
Cisco Employee

Are you having an issue with ssh to the WLC?

By default they have SSH enabled and you should be able to get there.

Do keep in mind that it doesn't run IOS, so some features you are used to do not work the same.

Steve

Sent from Cisco Technical Support iPhone App

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Steve:
I agree with you they do not work the same. But my concern when I saw the question is that there is no way to decide the cypher or the key size!!

Also the command:

ssh host-key use-device-certificate-key

What does it mean by the device certificate? SSL cert for management and web-auth? or something else? This is not clear at all and it needs to be documented. My search revealed nothing.

Rating useful replies is more useful than saying "Thank you"


Steve,

I know that SSH is active out of the box and I'm not having any trouble using SSH to get to the device.  Most modern IOS devices come with the functionality out of the box now too but it is our corporate policy to delete the default keys that came on the device and create new ones using RSA 128 linked with our domain name.  I'm trying to maintain this policy on the controllers too if possible and also get some info on what the default key settings are.
