ssh host-key

Syntax

ssh host-key {ecdsa [ecdsa-sha2-nistp256 | ecdsa-sha2-nistp384 | ecdsa-sha2-nistp521] |
              ed25519 | rsa [bits {2048 | 4096}] }

Description

Generates an SSH host-key pair.

Command context

config

Parameters

ecdsa

Selects the ECDSA host-key pair type as ecdsa-sha2-nistp256 (the default), ecdsa-sha2-nistp384, or ecdsa-sha2-nistp521.

ed25519

Selects the ED25519 host-key pair.

rsa

Selects the RSA host-key pair. Optionally, the key bit length is selected with either bits 2048 (the default) or bits 4096.

Authority

Administrators or local user group members with execution rights for this command.

Usage

When an SSH server is enabled on a VRF for the first time, host-keys are generated.

If the host-key of the given type exists, a warning message is displayed with a request to overwrite the previous host-key with the new key.

Examples

Overwriting an old ECDSA host-key with a new ecdsa-sha2-nistp384 host-key:

switch(config)# ssh host-key ecdsa ecdsa-sha2-nistp384
ecdsa host-key will be overwritten. 
Do you want to continue (y/n)? 

Overwriting an old RSA host-key with a new RSA host-key with 2048 bits:

switch(config)# ssh host-key rsa bits 2048
rsa host-key will be overwritten. 
Do you want to continue (y/n)?

Overwriting an ECDSA host-key with an ED25519 host-key pair:

switch(config)# ssh host-key ed25519
ed25519 host-key will be overwritten.
Do you want to continue (y/n)?