Chapter 3 Managing the network access devices 85

If you regenerate the key at any time, you must re-export the key to each network access device.

Note: If you export the key after the network access device has been enabled, you may need to disable and re-enable the switch in order to activate the change.

3For each network access device, import its public key into the Nortel SNAS 4050 domain, if necessary (see “Managing SSH keys for Nortel SNA communication using the CLI” on page 88).

For an Ethernet Routing Switch 8300, you can retrieve the key in two ways:

Use the /cfg/domain #/switch #/sshkey/import command to import the key directly from the network access device.

Use the /cfg/domain #/switch #/sshkey/add command to paste in the key.

For an Ethernet Routing Switch 5510, 5520, or 5530:

Use the /cfg/domain #/switch #/sshkey/import command to import the key directly from the network access device.

If the network access device was reachable when you added it to the domain configuration, the SSH key was automatically retrieved.

If the network access device defaults, it generates a new public key. You must reimport the key whenever the switch generates a new public key (see “Reimporting the network access device SSH key using the CLI” on page 89).

Note: In general, enter Apply to apply the changes immediately after you execute any of the SSH commands.

Generating SSH keys for the domain using the CLI

To generate, view, and export the public SSH key for the domain, use the following command:

/cfg/domain #/sshkey

The NSNAS SSH key menu displays.

Nortel Secure Network Access Switch 4050 User Guide

Page 85
Image 85
Nortel Networks 4050 manual Generating SSH keys for the domain using the CLI, For an Ethernet Routing Switch 5510, 5520, or