Cisco SG-350: SSH pubkey key auth

I wanted to activate ssh public key authentication on my Cisco SG-350 10 Port manged switch. And it was a pain in the ass because of the slightly different CLI syntax.

First of all enable ssh. This requires a configured and working IP address on the switch:

SwitchR#conf t
SwitchR(config)#ip ssh server
SwitchR(config)#ip ssh pubkey-auth auto-login

SSH pubkey authentication is now enabled. Now you have to add an ssh key to your user. This requires an already configured user with the desired privilege level:

SwitchR(config)#crypto key pubkey-chain ssh
SwitchR(config-pubkey-chain)#user-key veloc1ty rsa

Enter key-string and hit enter. The CLI now expects a ssh public key pasted in. Remove ssh-rsa in the beginning of your key and strip away the key comment at the end if you have one.

This is repeated just to show it ---> SwitchR(config-pubkey-key)#key-string

When the switch prints out the fingerprint it’s done. You can now ssh into your switch with your public key.

:-$ ssh

SwitchR#show users

   Username       Protocol          Location
--------------- ------------ -----------------------
   veloc1ty         SSH  

Apply access lists as desired now on your interface.

Reference: Command Reference PDF page 1221 found here:

Du hast einen Kommentar, einen Wunsch oder eine Verbeserung? Schreib mir doch eine E-Mail! Die Infos dazu stehen hier.

🖇️ = Link zu anderer Webseite
🔐 = Webseite nutzt HTTPS (verschlüsselter Transportweg)