IOS XR key authentication

long, long time ago I’ve written a post about how to authenticate with keys via SSH to devices working under the control of IOS XE and ASA/FTD. since the big boys usually work with IOS XR, below is a quick guide on how to import keys to this system in versions 7.0+. OpenSSH and PEM format first step is to convert the format used normally by OpenSSH to PEM. this can be done with ssh-keygen:...

July 30, 2023 · Łukasz Bromirski

OpenSSH 7

OpenSSH 7 among other things discontinued older key exchange protocols for Diffie-Hellmans group 1 (diffie-hellman-group1-sha1). we already know that it can be compromised by executing attack known as Logjam. that’s all good and nice, until you try to connect to such device using newly upgraded SSH. if your device doesn’t support DH group 1 key exchange, you need to upgrade software. if you already have software capable of doing so, it needs to be configured on the box....

October 3, 2016 · Łukasz Bromirski