Please Create Rsa Keys To Enable Ssh

This is how you configure ssh on Cisco ios xr devices. This program generates a pair of private/public keys in the directory ~/. You will be asked to move the mouse around in a random pattern over the window to generate randomness for the key. The key is named id_rsa and the keyhole is named id_rsa. This applies to the "" that is created by "crypto key generate rsa" and the ". How many bits in the modulus [512]: 1024 % Generating 1024 bit RSA keys, keys will be non. The name for the keys will be: foghorn. The samples below are all examples of using asymmetric (public-key) RSA encryption. ssh/ssh_id_rsa. This tutorial will show you how to enable SSH, generating RSA key, and then allowing on SSH remote management protocol under the VTY interfaces. The first thing you have to do is create the private and the public key, which you can do by simply running the ssh-keygen command. pub or something similar. Key pairs are generally more secure than password logging in. Login to your SFTP server via SSH. Aaa authentication login default local. ssh-keygen is a tool available default in linux used to create a ssh authentication key pairs. This will create two files, a private key, and a public one. ssh-keygen -t rsa -b 4096 -C "[email protected] This topic covers how to configure the Database Agent to connect to the Controller using SSL. How To Use Putty with an SSH Private Key Generated by OpenSSH I have access to a remote server where I am only allowed to login via SSH with a key, and I can’t add an extra key by myself, as described in “ No Password SSH ” post. ssh/authotized_keys (this file can contain more than one key, you can have as many as you want). How many bits in the modulus [512]: 1024 % Generating 1024 bit RSA keys, keys will be non-exportable…[OK] Set the size of key to 1024 bits. In this tutorial, we will walk through how to generate SSH keys on Ubuntu 18. Then customize a little bit the Powershell because the defaults are just crime against humanity. You must also add the new user to the list of allowed users in the /etc/ssh/sshd_config file on the instance. Joyent recommends RSA keys because the node-manta CLI programs work with RSA keys both locally and with the ssh agent. Scroll down to Security, click the SSH/Shell Access icon. This command takes a while to run as the device generates a new set of public and private keys for SSH to use. authorization-attribute level 3. Configuring key lengths: The crypto key generate ssh command allows you to specify the type and length of the generated host key. For encryption and decryption, enter the plain text and supply the key. !!! You can copy pub­lic key copry from win­dows to serv­er by com­mand {this copy to home root direc­to­ry to. config t vty 0 4 transport input ssh telnet exit I have a perl script that does this to reset enable passwords. Printable View (Config)#crypto key generate rsa (Extreme 220) (Config)#crypto key generate dsa Please tell us how we. Bob Cromwell wrote a series of articles about setting up SSH keys for easier and more secure authentication, setting up a SSH key-agent, easily maintaining multiples websites with SSH and ways to manage your SSH keys and identities. password simple ssh_client. If the cache is depleted, this could take up to two minutes. However, it is possible to specify any file name and any location when creating a private key, and provide the path name with the -i option to the SSH client. On the client (where you ssh FROM) First make a ssh key with no password. 2018-06-04 UDPATE:. Update: We have two new articles about the topic: PowerShell remoting with SSH public key authentication Enable PowerShell Core 6 remoting with SSH transport. The type of key to be generated is specified with the -t option. enable rsa authentication in /etc/ssh/sshd_config in both the servers RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile. In the recent versions of Raspbian, the SSH access is disabled by default but it can be easily enabled. To get gpg-agent to handle requests from SSH, you need to enable support by adding the line enable-ssh-support to the ~/. To generate new SSH keys enter the following command: ssh-keygen. In this tutorial, we will walk through how to generate SSH keys on Ubuntu 18. If it didn't paste properly, it will not work , and you will need to remove the key from GitLab and try adding it again. Bob Cromwell wrote a series of articles about setting up SSH keys for easier and more secure authentication, setting up a SSH key-agent, easily maintaining multiples websites with SSH and ways to manage your SSH keys and identities. To generate the key, use the program ssh-keygen as follows. In this file, one line represents one allowed public key for this user to login. A Linux machine is required to follow this tutorial. So, in short: if your router has RSA keys generated, but won't enable SSHv2, enable SSH with the name of the RSA keys, like so: ip ssh rsa keypair-name and then. I try to use the full command of crypto key generate rsa general-keys modulus <2048|4096> when creating keys for SSH. Since I’m completely new to SSH (so far I’ve only accessed switches through the CLI) I am looking for the commands to enter to enable SSH on the switch. now copy/transfer the private key file to the system that is running the Discovery-Tool. This article provides commands to enable SSH to the Authentication Manager server/RSA SecurID appliance via command line. 0 and above has DSA keys disabled by default for security reasons. Kfir Avraham 2018-07-06 14:11 In order to configure the CLI client and Artifactory to work with SSH Authentication please perform the following steps: Upload the private and public keys to Artifactory - in Artifactory UI navigate to the Admin Tab → Security | SSH Server, Enable SSH Authentication, fill in the required fields and upload …. Applies to: Any version of Centrify OpenSSH based on openssh 7. You can generate the RSA keys with following command: SW1 ( config)# crypto key generate rsa. now your key is saved in c:\Users\. ssh-keygen can create RSA keys, DSA keys, ECDSA keys, ED25519 keys. ssh folder of your home directory. Create your SSH keys with the ssh-keygen command from the bash prompt. com Choose the size of the key modulus in the range of 360 to 4096 for your General Purpose Keys. lab-com02(config)#crypto key generate rsa The name for the keys will be: lab-com02. You place the public key file on a remote server, in a home directory in plain-text file ~/. press enter to all settings. The name for the keys will be: Switch01. – You will be prompted with a clear message if there is a problem with your key. The SSH server on the Brocade device uses this host DSA or RSA key, along with a dynamically generated server DSA or RSA key pair, to negotiate a session key and encryption method with the client trying to connect to it. crypto certificate generate. To allow only SSH key authentication, check Disable password login for Secure Shell (RSA/DSA key only) Enter a port number in SSH Port if the SSH daemon should listen on a. If you wish to generate a stronger RSA key pair, specify the -b flag with a higher bit value. The output will look similar to the following: mac:~ user$ ssh-keygen -t rsa. If invoked without any arguments, ssh-keygen will generate an RSA key. ssh directory on the server side. ssh/id_rsa):. To be as hard to guess as a normal SSH key, a password would have to contain 634 random letters and numbers. If you have, you will either need to remove it, or generate RSA keys for that keypair name: crypto key generate rsa label KEYPAIR. Unfortunately, it appears there are various competing formats for storing the data in files which I aim to cover here. generate crypto keys for ssh 5. The user may use Account Password or Public Key with Passphrase authentication. pub, which are locally created and are not part of configuration, will not be restored. - multiple-ssh-authkeys. The ssh-add command will prompt the user for the passphrase. By default, ssh-keygen will generate an RSA key pairs with one public and private key. pub in the /home/your_username/. It is required in the client's SSH software in order to proceed with the SSH connection. I have a network automation container, I type ssh 192. img on /flash/ and then load the encryption module as Michael suggest (he was right as usual!!) : config load-encryption-module 3DES 3/ create access-policies sys access-policy policy 2 create. The first step to configure SSH key authentication to your server is to generate an SSH key pair on your local computer. Select SSH-2 RSA Key with 2048 bits, hit the Generate button and move the cursor randomly on Putty Key Generator field window as presented in the screenshots below in order to produce SSH Keys. PRTG Manual: Monitoring via SSH. Confirm that the Number of bits in a generated key value is set to 2048. We’ll show you how to check if SSH is supported by your IOS version, how to enable it, generate an RSA key for your router and finally configure SSH as the preferred management protocol under the VTY interfaces. 4, Artifactory supports SSH authentication for Git LFS and the JFrog CLI using RSA public and private keys. On the next page, we need to click on the "Generate a New Key". 2960-RG#sh ip ssh SSH Disabled - version 2. Our first task is to generate an RSA public/private key pair to use to securely transfer the session key from the server to the client. Fortunately, there is a command to do just. Last modified: Jun. By default, ssh-keygen generates 2048-bit RSA keys. Here we will see how to configure password less authentication using ssh on Solaris nodes. txt), and that you specified the correct private key file (codecommit_rsa, not codecommit_rsa. In the terminal type: ssh-keygen -t rsa On each prompt, hit enter. The key may not be encrypted! PRTG does not support password-protected keys. Printable View (Config)#crypto key generate rsa (Extreme 220) (Config)#crypto key generate dsa Please tell us how we. ssh and copy id_ecdsa. We will generate public and private. In this case, !--- Telnet is disabled and only SSH is supported. Generate SSH Key. Previously, SSH was linked to the first RSA keys that were generated (that is, SSH was enabled when the first RSA key pair was generated). Type this command on Git Bash: ssh-keygen -t rsa. $ ssh-keygen. You may use “cat” command on the client side to view the file and use an editor like “nano” on the server side to modify or create the authorized_keys file. A better way is to set up a public/private key pair - you unlock your key once and then reuse it to make connections without entering your password. Abstract This memo describes a key-exchange method for the Secure Shell (SSH) protocol based on Rivest-Shamir-Adleman (RSA) public-key encryption. Creating an SSH key on Windows 1. The public key will be saved in the. How many bits in the modulus [512]: 1024 % Generating 1024 bit RSA keys, keys will be non-exportable…[OK] Set the size of key to 1024 bits. For example, if you have an id_rsa key in addition to a custom key, make sure you add both using ssh-add (as shown above). pub from the management computer to ~/. Create an SSH key. Device preparation (setup hostname, domain name, username, and passwords) 2. How to enable SSH on a 200 Series switch. The Fix:Run ‘crypto key generate rsa modulus 4096 label ssh-key’ (you need higher than 512 modulus for ssh2, 2048 and 4096 are recommended) If you have ssh debugging on you would see the. Try logging on to pxidvsap01 and generate the keys then move the public key to ora3d on Server A and see what happens. As a security consideration it's important to note the permissions of. Copy private RSA key. SSH keys provide a more secure way of logging into a virtual private server with SSH than using a password alone. com Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys. By default, the command saves the key pair in the. 5 is deactivated. Step One—Create the RSA Key Pair. The mib is. Copy and install the public ssh key using ssh-copy-id command on a Linux or Unix server. ; Copy and install the public key using ssh-copy-id command. All Other Mainframe Topics: Hi, I generate public-private ssh key pair using the below process Could you please let me know if this process can. You can overwrite the keys with the following commands, or skip this step and go to configuring SSH keys to reuse these keys. To do so you can do manually or by using ssh-copy-id command. The private key will be stored under ~/. pub or something similar. !!! You can copy pub­lic key copry from win­dows to serv­er by com­mand {this copy to home root direc­to­ry to. Transfer the private key to the machine you will ssh from. In this tutorial, we will walk through how to generate SSH keys on Ubuntu 18. Active Directory Users Unable to Login via SSH using SSSD and Getting “Permission Denied, Please Try Again” [CentOS/RHEL] By admin. rm /etc/ssh/ssh_host_* Step 2: regenerate host keys. Key pairs are generally more secure than password logging in. The private key will be stored under ~/. pub from above (no extra whitespace please!). ssh/id_rsa and the public key under ~/. Create an RSA key that is 2048 or 4096 bit in length, and use either your username or email address as the key comment. Automatic WordPress Updates Using FTP/FTPS or SSH Introduction When working with WordPress in a more secure environment where websites are not entirely world-writable, you will notice upgrades request FTP or FTPS credentials as the server itself does not typically have write access in properly-configured environments. There's no warranty that it'll work for you. I have a network automation container, I type ssh 192. 4108GL(config)# 4108GL(config)# crypto key generate Generating new RSA host key. You don't list your complete ssh configuration, so it's hard to know what to remove. ssh/authorized_keys. You can, of course, save your new key pair to an alternative, i. 04 Setup SSH Public Key Authentication. pub is the public key. Ok I started over: I ssh'ed into the remote machine, bricklayer, and deleted. Click the 'Key' tab and choose SSH-2(RSA) key and ensure 'Parameters' on the bottom is set to type RSA and 'Number of bits in a generated key' is set to 2048. All the other HOWTOs I've seen seem to deal with RSA keys and SSH1, and the instructions not surprisingly fail to work with SSH2. More information on SSH keys can be found here. There are two different approaches to create a self-signed certificate: automatic or manual. @DustinB3403 said in How to configure SSH Keys for Nessus: @IRJ said in How to configure SSH Keys for Nessus:. user1 has valid logins in both boxA and boxB user1 home dir is /export/home/user1 in both boxes In boxA, logged in as user1, create. You can add more IPs through the Add IP link. $ chmod 700 ~/. The Fix:Run ‘crypto key generate rsa modulus 4096 label ssh-key’ (you need higher than 512 modulus for ssh2, 2048 and 4096 are recommended) If you have ssh debugging on you would see the. % All router certs issued using these keys will also be removed. press enter to all settings. 2- From the Crypto tools option you can select the "Convert Crypto Key Object" tab to create a Crytpo Key object using the PEM and convert this to an open ssh key like so;. pub or something similar. Private key should be stored in the ssh keychain and protected with the encryption passphrase. If you are not managing the users directly (say, for domain-joined nodes), continue to use the solution presented belwo. On the SSH Access page, under Manage SSH Keys, click Manage SSH Keys. In general ssh will start to work as soon as the process has a valid key. Enable SSH via webGUI¶ Navigate to System > Advanced in the webGUI. echo "" > authorized_keys Please paste your public key inside the quotation (“”). Configure the user’s ssh client config to use the key pair when connecting to the remote machine over ssh. If you see files named id_rsa. Define the public key and enable SSH server: public-key local create rsa. Try logging on to pxidvsap01 and generate the keys then move the public key to ora3d on Server A and see what happens. After running the above configuration commands, it will create a directory with in /var/home and the authorized_key for SSH will be created. If there is, then you can tell the ssh process to use this key with ip ssh rsa keypair-name xxx. In this tutorial we going to create a playbook where we will create a user for the key-based authentication and copy the public…. Please do not send your private key to Cisco, only the public key (. As a Linux administrator you should know. ; Copy and install the public key using ssh-copy-id command. How to generate an SSH key To generate an SSH key pair in Linux, you use the ssh-keygen tool. % All router certs issued using these keys will also be removed. ssh # chmod 0700. Benefits of SSH keys If VPS/Dedicated server is visible over the Internet, you should use public key authentication instead of passwords, if at all possible. The type of key to be generated is specified with the -t option. Thus use RSA and ECDSA, but avoid DSA. When I try to generate RSA keys for SSH access on a router using the crypto key generate rsa command in config mode, I receive this error: % Invalid input detected at '^' marker. As we’ve just demonstrated, Vault has a superb engine for Dynamic SSH credentials and Host Key signing, and, with simple configurations and some code, most security features required by enterprises can be quickly and effectively implemented. When you have the key generated, cp the id_rsa. RP/0/0/CPU0:ios(config)#ssh server v2 RP/0/0/CPU0:ios(config)#line default transport input ssh. Copying the Public Key to Enable Passwordless SSH. This key size will be 4096 bit. You need to include all of the text that appears in the image in your key file. The ip ssh rsa keypair-name command was also introduced in Cisco IOS Release 12. 0 now has DSA keys disabled by default due to security risks as reported by openssh. In this tutorial we will use a key which we will generate in a Linux box shortly rather than this one (router key), so why to generate this key in the router? it's because to enable the ssh in Cisco router a local rsa key is mandatory, without the key you cannot enable ssh. To setup a passwordless SSH login in Linux all you need to do is to generate a public authentication key and append it to the remote hosts ~/. Generate the public key private key pair. If you want you can use DSA instead of RSA. Verification: To verify, we can SSH own IP (192. server" key that is created upon the first ssh connection to the ASA. Re: ssh_exchange_identification in junos ‎08-04-2011 10:08 PM hey guys i found the solution to dis issue, so like to share it wid all the junos suffering people :. enable ssh on vty as well as local database for authentication. You also want to make sure you change the permissions (chmod) of that file afterwards:. No vodoo, not difficult. thetechfirm. Some SSH Client or Server software does not support the RSA algorithm. RSA Encryption and Decryption in Java. Use the following steps to load your SSH private key in PuTTY Key Generator: Launch PuTTY Key Generator. Open Putty Key Generator (Puttygen). How do I do it from windows command prompt? I tried using ssh-keygen -t rsa from c:\ but received a message ssh-keygen is not recognized as an internal or external command, operable program or batch file. Learn how to install, enable and start SSH Server and SSH client; generate SSH public keys and SSH private keys for key based authentication and configure User and Host Based Security in detail. line vty 0 4. This will create two files, a private key, and a public one. Step 3: Generate an SSH key to be used with SSH. % All RSA keys will be removed. crypto key generate rsa. Hence, the command to generate my SSH keys would be $ ssh-keygen -t rsa -b 4096, [email protected]:~$ ssh-keygen -t rsa -b 4096 Generating public/private rsa key pair. By default, this will create a 2048 bit RSA key pair, which is fine for most uses. How do I do it from windows command prompt? I tried using ssh-keygen -t rsa from c:\ but received a message ssh-keygen is not recognized as an internal or external command, operable program or batch file. ssh/authorized_keys. ssh directory on SFTP server. I try to use the full command of crypto key generate rsa general-keys modulus <2048|4096> when creating keys for SSH. SSH implementations include easily usable utilities for this (for more information see ssh-keygen and ssh-copy-id). protocol inbound ssh. Load your SSH private key in PuTTY Key Generator. If there is, then you can tell the ssh process to use this key with ip ssh rsa keypair-name xxx. SSH public keys allow you to securely login to a remote SSH server with having to enter your password each time you want to log in. If the first command doesn't show anything useful then I'd say you can go ahead and generate a new key. Inside my ~/. Thus, if you have key generated on your local workstation under "thufir", and want to logon to remote server as "ubuntu", you need to copy contents of your. I released some PoC code here to extract and reconstruct the RSA private key from the registry. If the first command doesn't show anything useful then I'd say you can go ahead and generate a new key. How many bits in the modulus [512]: 1024 % Generating 1024 bit RSA keys, keys will be non. Private keys are protected with DPAPI and stored in the HKCU registry hive. Generate the public key private key pair. Enable SSL for the Database Agent. To do this, we can use a special utility called ssh-keygen, which is included with the standard OpenSSH suite of tools. com and make a connection with your regular password. To be as hard to guess as a normal SSH key, a password would have to contain 634 random letters and numbers. Generate SSH Key using PuTTYgen With PuTTYgen you can generate SSH key pairs (public and private key) that are used by PuTTY to connect to your server from a Windows client. ssh directory in our client machine (populated with the private/public key pair), we now have to create a corresponding. However, it is possible to specify any file name and any location when creating a private key, and provide the path name with the -i option to the SSH client. If you connect to your FreeNAS server often with SSH or want to run rsync via SSH then it can be very useful to setup what is called public key authentication. Upon entering this command, you'll be asked where to save the key. – The following SSH public key types in the control panel are supported: RSA keys >= 2048 bits, ECDSA and Ed25519 keys. RE: Enable the SSH server on a PC6248 Ok, so I am slow. On the other hand, SSH keys provide an easy and secure way of logging into a remote server, and this method is recommend for all users. thegeekstuff. Among which your private (id_rsa) and public key (id_rsa. I have a network automation container, I type ssh 192. Crypto key zeroize. " So here we are : rtr-l3(config)#conf t rtr-l3(config)#aaa new-model. The next thing I checked was the ~/. In this article, I will show how to set up an SSH server on Windows and how to install OpenSSH on a Windows client for PowerShell remoting in PowerShell Core. Create key pairs as normal user. ssh directory of the IAM user you configured for access to CodeCommit, that the config file has no file extension (for example, it must not be named config. Click the Submit button. Should we install cryptographic image if so how to install it. For more information on how to create a pair of SSH keys, please refer to a SSH documentation or book. Asymmetric encryption uses two different keys as public and private keys. Use the following steps to load your SSH private key in PuTTY Key Generator: Launch PuTTY Key Generator. Open Git Bash and run the following: $ ssh-keygen -t rsa -b 4096 -C "[email protected] To generate the new set of public and private key click on “Manage SSH Keys” button. Instructions for creating SSH key pair in windows. crypto key generate rsa modulus 2048 – 2048 RSA Key. Run the following command to copy the id_rsa. ssh The content of the id_rsa. Enable SSH version 2. ssh-keygen generates a public key and a private key. Press Enter at the following prompt to save the key in the default location (under your user directory as a folder named. Add public key to Authorized Keys. ssh-keygen -t rsa -b 4096 -C "your_key_name" Generating public/private rsa key pair. com --> To define a default domain name that the Cisco IOS software uses to complete unqualified host names R1(config)# crypto key generate rsa --> To generate RSA key pairs The name for the keys will be: R1. Fortunately, there is a command to do just that:. After running the above configuration commands, it will create a directory with in /var/home and the authorized_key for SSH will be created. If you are a current user and you just need to enable a new fob, complete steps 1 and 2. Creating a new key pair for authentication. On Windows, it is easy to use the free PuTTY SSH client and its related tools (see links below). This allows these tools to exchange sensitive information with the Artifactory server that is authenticated via SSH. In general ssh will start to work as soon as the process has a valid key. Key pairs are generally more secure than password logging in. On each machine type ssh somemachine. key access is Debian. myswitch(config)# crypto key generate rsa The name for the keys will be: myswitch. How I can create user access to SSH server without create actual user(s) on windows ? #1008 hamedsbt opened this issue Dec 31, 2017 · 15 comments Comments. Now I am trying to update the config in /etc/ssh/sshd_config to disable password login and enable key based login but the config changes are not getting reflected. – You will be prompted with a clear message if there is a problem with your key. In this post, the host that I used to generate keys runs on Ubuntu Server 16. ssh-keygen is used to create different type of public-private keys. When I try to enable SSH on my router, got the "Please create RSA keys to enable SSH. Feel free to increase this to your desired key length - remember to use powers of two. RSA SSH keys. - multiple-ssh-authkeys. There's no warranty that it'll work for you. transport input SSH. Unfortunately, it appears there are various competing formats for storing the data in files which I aim to cover here. To create a key issue a “crypto key generate rsa” command;. Before adding a new SSH key to the ssh-agent to manage your keys, you should have checked for existing SSH keys and generated a new SSH key. Expand the SSH sub-category and highlight the. img on /flash/ and then load the encryption module as Michael suggest (he was right as usual!!) : config load-encryption-module 3DES 3/ create access-policies sys access-policy policy 2 create. Create a DSA or RSA key pair that has no passphrase associated with it. R2(config)# crypto key generate rsa usage-keys label {keypair-name} modulus 768. Open Putty Key Generator (Puttygen). SW1 # enable secret cisco Generate the RSA Keys. ssh # chmod 0700. If invoked without any arguments, ssh-keygen will generate an RSA key for use in SSH protocol 2 connections. ip ssh server enable ip ssh protocol 2 ip ssh port 22 sshcon maxsessions 2 sshcon timeout 5. Benefits of SSH keys If VPS/Dedicated server is visible over the Internet, you should use public key authentication instead of passwords, if at all possible. 0 and higher. To generate the key, use the program ssh-keygen as follows. You can create a SSH Key in Ubuntu via SSH with the following command (navigate to the. The Fix:Run 'crypto key generate rsa modulus 4096 label ssh-key' (you need higher than 512 modulus for ssh2, 2048 and 4096 are recommended) If you have ssh debugging on you would see the. SSH on a HP ProCurve Switch 4108GL. localdomain, generate an "authorized_keys" file and copy it to rac2. We will use -b option in order to specify bit size to the ssh-keygen. How To: Create SSH Remote Login Mac OS X and Force Private Key Authentication Only - Putty This guide will show you how to enable SSH (remote login) on your Mac OS X machine and connect to it using a private key file (. Create password for root: please wait while we try. Check your config to see if you've defined a specific keypair for SSH. Update: We have two new articles about the topic: PowerShell remoting with SSH public key authentication Enable PowerShell Core 6 remoting with SSH transport. Private key should be stored in the ssh keychain and protected with the encryption passphrase. Generate SSH Key using PuTTYgen With PuTTYgen you can generate SSH key pairs (public and private key) that are used by PuTTY to connect to your server from a Windows client. On the next page, we need to click on the "Generate a New Key". Run the following command to copy the id_rsa. On the SSH Access page, under Manage SSH Keys, click Manage SSH Keys. If you’re a Windows user, please research on how to generate keys using PuTTY Generator. Restart sshd service ( service sshd restart) A much more complex way. I create a SSH Key file on Server A using RSA method ssh-keygen -t rsa Generating public/private rsa key pair. Printable View (Config)#crypto key generate rsa (Extreme 220) (Config)#crypto key generate dsa Please tell us how we. Specifies the RSA key pair to use for using SSH. crypto key generate dsa (or rsa) ip ssh server; That's it! Don't bother with the instructions that you might find in the user guide for "configuring an initial SSH console password" that have you mess with aaa authentication default line and the. Re: ssh key generation. General Purpose Keys.