Page 1 of 1
connect to 7750 from linux server without password
Posted: 20 Feb 2015 04:55
by avivi
hello
i want to ask is it possible to connect to 7750 from linux server without password ?
thanks
Re: connect to 7750 from linux server without password
Posted: 27 Apr 2015 15:09
by ripnet
In 12.0 you can use RSA keys.
Re: connect to 7750 from linux server without password
Posted: 18 Jan 2016 15:03
by garci66
Sorry for reviving an old thread, but wanted to share some enhancements. SSH with keys is possible starting on 12.0R4. Se below for the details:
You can create pair of key on Linux:
# ssh-keygen -b 1024
Private key will be in /root/.ssh/id_rsa.
Public key will be in in /root/.ssh/id_rsa.pub.
You need to copy your public key into SROS:
From Linux:
Code: Select all
cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCzbxLdCel+HOooNYkstzu6dpI559ZTwXLwp51H2QKZmvR9E5Ik1ZyjHIpn9JJYQxpRCoCgxEpX6b3Y9iW2rMnUvBxCOiqD2bFoO5OcBf3SdpK4b1kg7laG17/wWH1yLEDvaxWJScSVoxTb9Ki/Qgdo19zWnZLxj3gX+Aq92AZo7Q== root@freeradius
On node:
Code: Select all
configure
system
security
user "sshey"
access console
rsa-key 1 “AAAAB3NzaC1yc2EAAAADAQABAAAAgQCzbxLdCel+HOooNYkstzu6dpI559ZTwXLwp51H2QKZmvR9E5Ik1ZyjHIpn9JJYQxpRCoCgxEpX6b3Y9iW2rMnUvBxCOiqD2bFoO5OcBf3SdpK4b1kg7laG17/wWH1yLEDvaxWJScSVoxTb9Ki/Qgdo19zWnZLxj3gX+Aq92AZo7Q==”
exit
exit
exit
exit
It should work with ssh, scp and sftp
Keep in mind that only 1024 bit keys are currently supported
Re: connect to 7750 from linux server without password
Posted: 24 Jan 2016 14:11
by thecandymancan
If you intend on doing this in a production environment how do you manage the audit trail, who did what etc? You're looking an unscalable solution for many users from many hosts, are you?
Curious, does TACACS get consulted 1st and responds with an unknown user then your auth session fails?