Foundry Networks Switch and Router Installation And Configuration Manual page 118

Foundry Switch and Router Installation and Configuration Guide
Foundry devices support Secure Copy (SCP) for securely transferring files between hosts on a network. Note that
when you copy files using SCP, you enter the commands on the SCP-enabled client, rather than the console on
the Foundry device.
For example, to copy a public key file called pkeys.txt from an SCP-enabled client to a PCMCIA flash card in slot 1
on a Management IV module, enter a command such as the following on the SCP-enabled client:
C:\> scp c:\pkeys.txt user@BigIron:a:/pkeys.txt
If password authentication is enabled for SSH, the user will be prompted for a password in order to copy the file.
See "Using Secure Copy" on page 4-9 for more information on SCP.
After the file is loaded onto the TFTP server or PCMCIA flash card, it can be imported into the active configuration
each time the device is booted.
To cause a public key file called pkeys.txt to be loaded from the Management IV module's PCMCIA flash card
each time the Foundry device is booted, enter the following command:
BigIron(config)# ip ssh pub-key-file slot1 pkeys.txt
Syntax: ip ssh pub-key-file slot1 | slot2 <filename>
To cause a public key file called pkeys.txt to be loaded from a TFTP server each time the Foundry device is
booted, enter a command such as the following:
BigIron(config)# ip ssh pub-key-file tftp 192.168.1.234 pkeys.txt
Syntax: ip ssh pub-key-file tftp <tftp-server-ip-addr> <filename>
To display the currently loaded public keys, enter the following command:
BigIron# show ip client-public-key
1024 65537 162566050678380006149460550286514061230306797782065166110686648548574
94957339232259963157379681924847634614532742178652767231995746941441604714682680
00644536790333304202912490569077182886541839656556769025432881477252978135927821
67540629478392662275128774861815448523997023618173312328476660721888873946758201
user@csp_client
1024 35 152676199889856769693556155614587291553826312328095300428421494164360924
76207475545234679268443233762295312979418833525975695775705101805212541008074877
26586119857422702897004112168852145074087969840642408451742714558592361693705908
74837875599405503479603024287131312793895007927438074972787423695977635251943 ro
ot@unix_machine
There are 2 authorized client public keys configured
Syntax: show ip client-public-key
To clear the public keys from the active configuration, enter the following command:
BigIron# clear public-key
Syntax: clear public-key
To reload the public keys from the file on the TFTP server or PCMCIA flash card, enter the following command:
BigIron(config)# ip ssh pub-key-file reload
Syntax: ip ssh pub-key-file reload
Once the public keys are part of the active configuration, you can make them part of the startup-config file. The
startup-config file can contain a maximum of 10 public keys. If you want to store more than 10 public keys, keep
them in a file on a TFTP server or PCMCIA flash card, where they will be loaded into the active configuration when
the device is booted.
To make the public keys in the active configuration part of the startup-config file, enter the following commands:
BigIron(config)# ip ssh pub-key-file flash-memory
4 - 4 December 2000