user authorized-key

Syntax

user <USERNAME> authorized-key <PUBKEY>
no user <USERNAME> authorized-key [<KEYNUM>]

Description

Copies an SSH client public key into the key list. If the key list and the public key do not exist, it creates a list with the public key. If the SSH client public key exists, the command appends the new key to the existing list. The client public key list holds a maximum of 32 client keys.

The no form of the command removes either one or all SSH public keys from the key list.

Command context

config

Parameters

<USERNAME>

Specifies the name of the user.

<PUBKEY>

Specifies the SSH client public key to be copied into the key list.

<KEYNUM>

Specifies the key number. The range is 1 to 32. Use the show user <USERNAME> authorized-key command to find the key number associated with the key.

Authority

Operators or Administrators or local user group members with execution rights for this command. Operators can execute this command from the operator context (>) only.

Usage

Each key on the key list has a key identifier. The show user <USERNAME> authorized-key command displays the key identifier associated with the key.

Administrators can add and remove the public keys of themselves and other users. Operators can add and remove only their own public keys. If the public key authentication method is enabled, the client public key present is used by the SSH server to authenticate the client. The authentication method reverts to the password authentication method and prompts for a client password when one of the following occurs:
  • The client public keys are not present.

  • The server does not have the keys enabled.

  • The public key method is disabled.

You can either remove all keys or a specific key. Each key on the key list has a key identifier. If you provide the key identifier in this command, the command removes the corresponding key from the list. If you provide no key identifier, the command removes all keys from the key list.

Examples

Adding a public key:

switch(config)#user admin authorized-key ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTIt
bmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEqEFevZ0l76V+D0svdCJ9Wo32zqI9OeAIdTJwT/eZYp50qkA
nhZNgS81HBjAI6QJ/4/kAyqdZ9oAjbiqQUiCAk= root@switch

Removing all SSH public keys from the list:

switch(config)# no user admin authorized-key

Removing the specified SSH public key from the list:

switch(config)# no user admin authorized-key 2