Configuring Secure Shell (SSH)

 

Messages Related to SSH Operation

 

 

Message: Client public key file corrupt or not found. Use 'copy tftp pub-key-file <ip-addr> <filename>' to download new file.

Meaning: The client key does not exist in the switch. Use copy tftp to download the key from a TFTP server.

Message: Download failed: overlength key in key file.

Message: Download failed: too many keys in key file.

Message: Download failed: one or more keys is not a valid public key.

Meaning: The public key file you are trying to download has one of the following problems:

• A key in the file is too long. The maximum key length is 1024 characters, including spaces. This could also mean that two or more keys are merged together instead of being separated by a <CR><LF>.

• There are more than ten public keys in the key file and switch total. Delete some keys from the switch or file. The switch does not detect duplicate keys.

• One or more keys in the file is corrupted or is not a valid public key.

Refer to “To Create a Client-Public-Key Text File” on page 26 for information on client-public-key properties.

Message: Error: Requested keyfile does not exist.

Meaning: The client key does not exist in the switch. Use copy tftp to download the key from a TFTP server.

Message: Generating new RSA host key. If the cache is depleted, this could take up to two minutes.

Meaning: After you execute the generate ssh [dsa | rsa] command, the switch displays this message while it is generating the key.

Message: Host RSA key file corrupt or not found. Use 'generate ssh [dsa | rsa]' to create new host key.

Meaning: The switch’s key is missing or corrupt. Use the generate ssh [dsa | rsa] command to generate a new key for the switch.


Logging Messages

The event log records a message when a new key is generated and when it is zeroized for the server:

ssh: New <num-bits>-bit [rsa | dsa] SSH host key installed

ssh: SSH host key zeroized

There are also messages that indicate when a client public key is installed or removed:

ssh: <num-bits>-bit [rsa | dsa] client public key [installed | removed] ([manager | operator] access) (key_comment)

Note: Only up to 39 characters of the key comment are included in the event log message.
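One way to turn the event log messages above into key-change events for review, as an added example that is not part of the original manual. The regular expressions follow the message templates above; the function names, the approved-comment list and the sample lines are assumptions constructed for illustration.

```python
import re

COMMENT_LOG_LIMIT = 39  # the event log keeps at most 39 characters of the key comment

HOST_KEY = re.compile(r"ssh: New (\d+)-bit (rsa|dsa) SSH host key installed")
ZEROIZED = re.compile(r"ssh: SSH host key zeroized")
CLIENT_KEY = re.compile(
    r"ssh: (\d+)-bit (rsa|dsa) client public key (installed|removed) "
    r"\((manager|operator) access\) \((.*)\)\s*$")  # greedy: comment may hold ')'

def parse_line(line):
    """Return a dict describing the SSH key event in one log line, or None."""
    m = CLIENT_KEY.search(line)
    if m:
        bits, alg, action, access, comment = m.groups()
        return {"event": "client_key_" + action, "bits": int(bits), "alg": alg,
                "access": access, "comment": comment}
    m = HOST_KEY.search(line)
    if m:
        return {"event": "host_key_installed", "bits": int(m.group(1)),
                "alg": m.group(2)}
    if ZEROIZED.search(line):
        return {"event": "host_key_zeroized"}
    return None

def unapproved_installs(lines, approved_comments):
    """Client key installs whose logged comment matches no approved comment."""
    # Compare on the first 39 characters only, because the log truncates the
    # comment. Approved comments sharing a 39-character prefix are therefore
    # indistinguishable in the log.
    approved = {c[:COMMENT_LOG_LIMIT] for c in approved_comments}
    events = (parse_line(line) for line in lines)
    return [e for e in events
            if e and e["event"] == "client_key_installed"
            and e["comment"][:COMMENT_LOG_LIMIT] not in approved]

# Hypothetical inventory of comments on keys that are expected on the switch.
APPROVED = ["netops-jumphost-primary-key-2024-rotation-a", "old-monitoring"]

# Constructed sample lines (not captured from a real switch).
SAMPLE_LOG = [
    "ssh: New 1024-bit rsa SSH host key installed",
    "ssh: 1024-bit rsa client public key installed (manager access) ("
    + APPROVED[0][:COMMENT_LOG_LIMIT] + ")",
    "ssh: 1024-bit dsa client public key installed (manager access) (temp)",
    "ssh: 1024-bit rsa client public key removed (operator access) (old-monitoring)",
    "ssh: SSH host key zeroized",
]

if __name__ == "__main__":
    for event in unapproved_installs(SAMPLE_LOG, APPROVED):
        print("review:", event)
```

The patterns use search rather than a full-line match, so any timestamp or severity prefix the log places before "ssh:" is ignored.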
