Nerdy Drunk

Drunk on technology

User Tools

Site Tools


cisco:asa-ssh-scp-key-auth

Cisco ASA SSH SCP Key Authentication

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCr1zGV1ZDUOgHOWHrqhA
MJ0jyNlAGil130lS5lLizG0RqxG4Z9u3tbuRRkr3zsloqAt40N3zq22IZD
+ARJ4hDiRpV5f4H3rfB5WGJ8saPCqwZh8MG3s12HkQ01kFdtxQklPcmPOz
/FzTnGbEiOm1LbcVUtW4yqZX/cONIzS4q1fDCOa/G4Ocg89BPSSlXBN9+D
e6lc2MI14Ony5QUoZskkBEPJ8K4uosuhmEQzrLbis5cOpPD/z37+p3wfrQ
b3Gv6nNve7V1z1T24Y+ETK1TXPB/jVzzTWXkF15gyG6zJ7864m3xPrnTLl
QDz6dZ5CYDXZzuTMczGTQEGBF2dnzq1x USER01@HOST01

For the ASA the RSA public key needs to be on one line, but you also need to remove the starting “ssh-rsa” and ending “USER01@HOST01”.

AAAAB3NzaC1yc2EAAAADAQABAAABAQCr1zGV1ZDUOgHOWHrqhAMJ0jyNlAGil130lS5lLizG0RqxG4Z9u3tbuRRkr3zsloqAt40N3zq22IZD+ARJ4hDiRpV5f4H3rfB5WGJ8saPCqwZh8MG3s12HkQ01kFdtxQklPcmPOz/FzTnGbEiOm1LbcVUtW4yqZX/cONIzS4q1fDCOa/G4Ocg89BPSSlXBN9+De6lc2MI14Ony5QUoZskkBEPJ8K4uosuhmEQzrLbis5cOpPD/z37+p3wfrQb3Gv6nNve7V1z1T24Y+ETK1TXPB/jVzzTWXkF15gyG6zJ7864m3xPrnTLlQDz6dZ5CYDXZzuTMczGTQEGBF2dnzq1x
ASA01(config)# username USER01 password USER01PASSWORD privilege 15
ASA01(config)# username USER01 attributes
ASA01(config-username)# service-type admin
ASA01(config-username)# ssh authentication publickey AAAAB3NzaC1yc2EAAAADAQABAAABAQCr1zGV1ZDUOgHOWHrqhAMJ0jyNlAGil130lS5lLizG0RqxG4Z9u3tbuRRkr3zsloqAt40N3zq22IZD+ARJ4hDiRpV5f4H3rfB5WGJ8saPCqwZh8MG3s12HkQ01kFdtxQklPcmPOz/FzTnGbEiOm1LbcVUtW4yqZX/cONIzS4q1fDCOa/G4Ocg89BPSSlXBN9+De6lc2MI14Ony5QUoZskkBEPJ8K4uosuhmEQzrLbis5cOpPD/z37+p3wfrQb3Gv6nNve7V1z1T24Y+ETK1TXPB/jVzzTWXkF15gyG6zJ7864m3xPrnTLlQDz6dZ5CYDXZzuTMczGTQEGBF2dnzq1x
ASA01(config-username)# ^Z
ASA01# show run username
username USER01 password fElN78i/YX9LY7fv encrypted privilege 15
username USER01 attributes
 service-type admin
 ssh authentication publickey 83:e7:6b:82:20:6e:b0:f3:45:b9:d8:4d:12:70:d7:e6:79:6e:7d:cc:27:a7:17:a2:d0:a1:35:9e:d3:4a:40:51 hashed
ASA01#
scp ASA01:system:/running-config ./ASA01.running-config-DATE.txt
cisco/asa-ssh-scp-key-auth.txt · Last modified: 2022/07/21 10:41 by 127.0.0.1