PDF(74.5 KB) View with Adobe Reader on a variety of devices
ePub(74.2 KB) View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle)(68.4 KB) View on Kindle device or Kindle app on multiple devices
Updated:April 7, 2017
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
To enable this feature please perform these steps:
Step 1. SSH needs to be enabled on the MDS/Nexus switch.
#conf (config)#feature ssh
Step 2. You need to get the public key off the host and configure it on the MDS/Nexus switch.
-v : Verbose Enabled
-b: Number of Bits for the key
-t: Type of Algorithm either DSA or RSA
$ ssh-keygen -v -b 1024 -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/users/thteoh/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /users/thteoh/.ssh/id_rsa. Your public key has been saved in /users/thteoh/.ssh/id_rsa.pub. The key fingerprint is: 61:18:ad:14:cd:a7:bf:44:89:73:4a:2e:09:96:bb:51 thteoh@people
Note: In this example, RSA is used, you can also choose the Digital Signature Algorithm (DSA) key.
Verify generated key using cat with id_rsa.pub file (file can also be id_dsa.pub)
Step 5. You can check command completed successfully.
switch# show user-account teoh user:teoh this user account has no expiry date roles:network-admin ssh public key: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzDWrMuGDkDXFRnuCqdJRM9Yd+oi0ff2K6HxRsyqh82GmQJ3IX6OG7o biQTKnT9+eH7h2WCArEiMsOz3GYtakEkpYx6zR3cKwrsrgKv4TwRgSv8yUyH8GwPZOvZP97szJDu/3WP/ni4wJBb+yDqoI6+G1Rq/F2aYx45fh6Swl Pv0= thteoh@people switch#
You can now ssh to switch and issue any command without password prompt now:
$ ssh email@example.com "sh system uptime" Warning: the output may not have all the roles System start time: Tue May 29 17:51:30 2012 System uptime: 7 days, 19 hours, 42 minutes, 15 seconds Kernel uptime: 7 days, 19 hours, 45 minutes, 17 seconds