<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/xhtml; charset=utf-8">
</head>
<body>
<div style="font-family:sans-serif"><div style="white-space:normal">
<p dir="auto">On 6 Sep 2016, at 21:33 EAT, heasley wrote:</p>
<blockquote style="border-left:2px solid #777; color:#777; margin:0 0 5px; padding-left:5px">
<p dir="auto">Thu, Sep 01, 2016 at 12:25:09AM +0300, Patrick Okui:</p>
<blockquote style="border-left:2px solid #777; color:#999; margin:0 0 5px; padding-left:5px; border-left-color:#999">
<p dir="auto">On 4 Aug 2016, at 20:29 EAT, heasley wrote:</p>
<blockquote style="border-left:2px solid #777; color:#BBB; margin:0 0 5px; padding-left:5px; border-left-color:#BBB">
<p dir="auto">[ it would be nice if vendors would store ssh keys like junos, so you<br>
could use ssh-agent ]</p>
</blockquote>
<p dir="auto">Cisco quietly added support for this some time back. Not sure which<br>
vendors support/not support this these days.</p>
</blockquote>
<p dir="auto">isnt this XR only? I rather expected this to ubiquitous across the industry by now.</p>
</blockquote>
<p dir="auto">Late comment but no. IOS 15 added support for RSA based keys. All you have to do is check for the availability of the <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">ip ssh pubkey-chain</code> command, or select “SSHv2 Enhancements for RSA keys” under the <a href="http://tools.cisco.com/ITDIT/CFN/jsp/by-feature-technology.jsp" style="color:#3983C4">cisco feature navigator</a></p>
<p dir="auto">To get round the 255 character limit some IOS devices will impose you can just look at the hash of the key with <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">ssh-keygen -l -f ~/.ssh/id_rsa.pub | awk '{gsub(/:/,"",$2); print $2}'</code> and use key-hash ssh-rsa <HASH> instead of asking the router to do that for you.</p>
<p dir="auto">--<br>
patrick</p>
</div>
</div>
</body>
</html>