[cisco] Public key authentication on Cisco ASA

I am using Cisco ASAv asa992-smp-k8.bin

Generate an RSA key pair on CentOS:

ssh-keygen -t rsa -b 2048

I renamed the resulting key pair to cisco_id_rsa.
Then I displayed the contents of cisco_id_rsa.pub.

Exclude the leading ssh-rsa and the trailing username@hostname; copy only the key itself and paste it into the Cisco ASA. See the highlighted portion of the screenshot.

On the Cisco ASA, enter the following:

conf t
username cyruslab nopassword privilege 15
username cyruslab attributes
ssh authentication publickey AAAAB3NzaC1yc2EAAAADAQABAAABAQDAU/5J7w0HKcJ+0Q7+ZJHGgnbKjklWRSntTlJhLT8u6Sy6dvCIx435iYPj58AcFu1I+42nJgSfNsGpyFb/EEoRiG0qHqJbJDBSU8Ed4nMDNfz3NhbiRTrOHwiVWI+B86K04Oy/EUnRFvkcFDFH78VrPQ3yI9Zx7jwDEvhoqeCIWB+k6xg6zkTCD7iPuxoaR+ziOx8FIu3HL1WkWgxjEcPWy3N+aId3RRtPeLgVjkoXsSnREhcb8gRFc4snh3P9819W1ZP98Noa4UbklCXnGHwdPGgPPIi99MnWy+XNUMd7vQnkmdXk1WvZwkti5ol2Xgss7s6WSnESP8NNWk364dHR
end

Then test from the CentOS server to the Cisco ASA.
You will still see a password prompt, but just press Enter, as no password is needed for cyruslab, which refers to the server’s public key.
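As an added example (not from the original post): a Python helper that takes the contents of cisco_id_rsa.pub, drops the ssh-rsa prefix and the username@hostname comment, checks that the base64 body is a complete RSA key of at least 2048 bits, and builds the ASA commands shown above. The function names and the sample key are constructed for illustration.

```python
import base64
import struct

def parse_rsa_pubkey(line):
    """Parse 'ssh-rsa <base64> [comment]'; return (base64 body, modulus bits)."""
    fields = line.split()
    if len(fields) < 2 or fields[0] != "ssh-rsa":
        raise ValueError("expected a line starting with 'ssh-rsa'")
    body = fields[1]
    blob = base64.b64decode(body, validate=True)  # rejects stray characters
    # The blob holds three length-prefixed fields: algorithm name, e, n.
    parts, offset = [], 0
    while offset < len(blob):
        if offset + 4 > len(blob):
            raise ValueError("truncated key blob (incomplete paste?)")
        (length,) = struct.unpack_from(">I", blob, offset)
        offset += 4
        if offset + length > len(blob):
            raise ValueError("truncated key blob (incomplete paste?)")
        parts.append(blob[offset:offset + length])
        offset += length
    if len(parts) != 3 or parts[0] != b"ssh-rsa":
        raise ValueError("blob is not an ssh-rsa key")
    return body, int.from_bytes(parts[2], "big").bit_length()

def asa_config(username, pub_line, min_bits=2048):
    """Build the ASA commands from the post, using only the base64 body."""
    body, bits = parse_rsa_pubkey(pub_line)
    if bits < min_bits:
        raise ValueError(f"{bits}-bit RSA key is below {min_bits} bits")
    return "\n".join([
        "conf t",
        f"username {username} nopassword privilege 15",
        f"username {username} attributes",
        f"ssh authentication publickey {body}",
        "end",
    ])

def constructed_pub_line(bits=2048):
    """Constructed sample in .pub layout (fixed modulus, not a usable key)."""
    def field(data):
        return struct.pack(">I", len(data)) + data
    n = (1 << (bits - 1)) | 1
    blob = field(b"ssh-rsa") + field(b"\x01\x00\x01") + field(b"\x00" + n.to_bytes(bits // 8, "big"))
    return "ssh-rsa " + base64.b64encode(blob).decode() + " user@centos"

if __name__ == "__main__":
    print(asa_config("cyruslab", constructed_pub_line()))
```

To confirm that a login really used the key, connect with `ssh -i cisco_id_rsa -o PreferredAuthentications=publickey cyruslab@<asa-address>` (the address is a placeholder). With that option the OpenSSH client does not fall back to a password prompt, so the session opens only if the ASA accepted the key.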
