Skip to main content
Start a Conversation

Solved!

Go to Solution

Bela Bodecs

1 Rookie

 • 

3 Posts

44

September 12th, 2024 21:08

S4810 - ssh public key authentication

Hi All,

I setup ssh public key authentication successfully. I know how to add public key by 

ip ssh rsa-authentication my-authorized-keys device://filename

and I know how to list installed public keys of a  user:

show ip ssh rsa-authentication username XXXX authorized-keys

but how to delete old keys from this file? or how to empty this file?

I have tried unsuccesfully by

delete flash:/ADMIN_DIR/ssh/authorizedkeys.xxxxx


% Error: Current user is not allowed to access the hidden directory.

Please help me.

Bela Bodecs

1 Rookie

 • 

3 Posts

September 13th, 2024 07:40

dear DELL-Joey C,

thank you for your base idea to find the solution by accessing the shell. Finally I found the solution. And for those who have similar problem here it is:

in exec mode start the shell by "start shell" command. It asks for login and password, So I created a temporary separate user for  this purpose by "username script password 12345678"  (I don't know why but only users created with clear password were able to login into shell)

the authorized keys are in the /flash/ADMIN_DIR/ssh/ directory. You may list the directory content by "ls /flash/ADMIN_DIR/ssh/"  The authorized keys are stored in files named like auth_keys.username, where username part is the actual username. So to delete public auth keys of user joe issue the following: 

rm /flash/ADMIN_DIR/ssh/auth_keys.joe

after it by "exit" command you leave the shell that's all

(edited)

DELL-Joey C

Moderator

 • 

3.9K Posts

September 13th, 2024 05:51

Hi,

 

Unfortunately, to either of both deleting the old keys or emptying the file, you will need to help from the switch support. There are sets of shell access commands that the engineers only able to execute. I don't have the information of those commands. 

Bela Bodecs

1 Rookie

 • 

3 Posts

September 13th, 2024 06:53

thank you for your quick reply. It means that it is very rare that someone alter the users public keys.

DELL-Joey C

Moderator

 • 

3.9K Posts

September 13th, 2024 07:38

Hi,

 

Well you can alter, but less would delete old keys. If necessary, then one would need to contact support to access the switch shell to remove. As an alternative, one can disable the existing SSH key and set it to default, then install a new SSH key on the switch, as to rebuild the SSH key. 

DELL-Joey C

Moderator

 • 

3.9K Posts

September 13th, 2024 08:26

Hi,

 

Thank you for the share, might be useful for other users. Appreciate it!

Was this post helpful?

View All

No Events found!

Top