[rancid] Can clogin prompt for a password?

Patrick Okui pokui at psg.com
Wed Sep 28 22:22:13 UTC 2016

On 6 Sep 2016, at 21:33 EAT, heasley wrote:

> Thu, Sep 01, 2016 at 12:25:09AM +0300, Patrick Okui:
>> On 4 Aug 2016, at 20:29 EAT, heasley wrote:
>>> [ it would be nice if vendors would store ssh keys like junos, so 
>>> you
>>> could  use ssh-agent ]
>> Cisco quietly added support for this some time back. Not sure which
>> vendors support/not support this these days.
> isnt this XR only?  I rather expected this to ubiquitous across the 
> industry by now.

Late comment but no. IOS 15 added support for RSA based keys. All you 
have to do is check for the availability of the `ip ssh pubkey-chain` 
command, or select “SSHv2 Enhancements for RSA keys” under the 
[cisco feature 

To get round the 255 character limit some IOS devices will impose you 
can just look at the hash of the key with `ssh-keygen -l -f 
~/.ssh/id_rsa.pub | awk '{gsub(/:/,"",$2); print $2}'` and use key-hash 
ssh-rsa <HASH> instead of asking the router to do that for you.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20160929/0b192ed2/attachment.html>

More information about the Rancid-discuss mailing list