I rely on SSH pretty heavily, be it for remotely managing a hanful of Linux systems or connecting to Cisco routers. I do this from my laptop and more recently – my phone. Rather than type passwords all the time (which can be tricky on on-screen keyboards) I decided to setup public key authentication for the Cisco routers I use.
Cisco IOS has supported public key authentication (for RSA keys only) since IOS 15. If you don’t already have a public/private RSA key-pair you can use PuttyGen (free, open-source) to generate them. If you’re a Linux user you can use the “ssh-keygen” command.
To set up RSA public key authentication, enter global configuration mode and issue the “ip ssh pubkey-chain” command. Then specify the username you want to provide a key for:
Router(config)#ip ssh pubkey-chain Router(conf-ssh-pubkey)#username admin Router(conf-ssh-pubkey-user)#key-string
Now, paste the data part of your public key (highlighted in red below).
ssh-rsa AAAAB.....aaa== rsa-key-20130820