The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
To enable this feature please perform these steps:
Step 1. SSH needs to be enabled on the MDS/Nexus switch.
#conf (config)#feature ssh
Step 2. You need to get the public key off the host and configure it on the MDS/Nexus switch.
-v : Verbose Enabled
-b: Number of Bits for the key
-t: Type of Algorithm either DSA or RSA
$ ssh-keygen -v -b 1024 -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/users/thteoh/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /users/thteoh/.ssh/id_rsa. Your public key has been saved in /users/thteoh/.ssh/id_rsa.pub. The key fingerprint is: 61:18:ad:14:cd:a7:bf:44:89:73:4a:2e:09:96:bb:51 thteoh@people
Note: In this example, RSA is used, you can also choose the Digital Signature Algorithm (DSA) key.
Verify generated key using cat with id_rsa.pub file (file can also be id_dsa.pub)
Step 5. You can check command completed successfully.
switch# show user-account teoh user:teoh this user account has no expiry date roles:network-admin ssh public key: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzDWrMuGDkDXFRnuCqdJRM9Yd+oi0ff2K6HxRsyqh82GmQJ3IX6OG7o biQTKnT9+eH7h2WCArEiMsOz3GYtakEkpYx6zR3cKwrsrgKv4TwRgSv8yUyH8GwPZOvZP97szJDu/3WP/ni4wJBb+yDqoI6+G1Rq/F2aYx45fh6Swl Pv0= thteoh@people switch#
You can now ssh to switch and issue any command without password prompt now:
$ ssh email@example.com "sh system uptime" Warning: the output may not have all the roles System start time: Tue May 29 17:51:30 2012 System uptime: 7 days, 19 hours, 42 minutes, 15 seconds Kernel uptime: 7 days, 19 hours, 45 minutes, 17 seconds