ssh host-key

Syntax

ssh host-key {ecdsa [ecdsa-sha2-nistp256 | ecdsa-sha2-nistp384 | ecdsa-sha2-nistp521] |
              ed25519 | rsa [bits {2048 | 4096}] }

Description

Generates an SSH host-key pair.

Command context

config

Parameters

ecdsa

Selects the ECDSA host-key pair type as ecdsa-sha2-nistp256 (the default), ecdsa-sha2-nistp384, or ecdsa-sha2-nistp521.

ed25519

Selects the ED25519 host-key pair.

rsa

Selects the RSA host-key pair. Optionally, the key bit length is selected with either bits 2048 (the default) or bits 4096.

Authority

Administrators

Usage

When an SSH server is enabled on a VRF for the first time, host-keys are generated.

If the host-key of the given type exists, a warning message is displayed with a request to overwrite the previous host-key with the new key.

Examples

Overwriting an old ECDSA host-key with a new ecdsa-sha2-nistp384 host-key:

switch(config)# ssh host-key ecdsa ecdsa-sha2-nistp384
ecdsa host-key will be overwritten. 
Do you want to continue (y/n)? 

Overwriting an old RSA host-key with a new RSA host-key with 2048 bits:

switch(config)# ssh host-key rsa bits 2048
rsa host-key will be overwritten. 
Do you want to continue (y/n)?

Overwriting an ECDSA host-key with an ED25519 host-key pair:

switch(config)# ssh host-key ed25519
ed25519 host-key will be overwritten.
Do you want to continue (y/n)?