Generate an RSA User Key

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Generate a new RSA user key.

    ssh rsa-user-key WORD<1–15> [size <1024-2048> ]

Variable Definitions

The following table defines parameters for the ssh rsa-user-key command.

Variable Value
WORD <1–15>

Specifies the user access level.

If enhanced secure mode is disabled, the valid user access levels for the switch are:

  • rwa — Specifies read-write-all

  • rw — Specifies read-write

  • ro — Specifies read-only

  • rwl1 — Specifies read-write for Layer 1

  • rwl2 — Specifies read-write for Layer 2

  • rwl3 — Specifies read-write for Layer 3

If you enable enhanced secure mode, the switch uses role-based authentication. You associate each username with a specific role and the appropriate authorization rights to commands based on that role.

If enhanced secure mode is enabled, the value user access levels for the switch are:

  • admin—Specifies a user role with access to all of the configurations, show commands, and the ability to view the log file and security commands. The administrator role is the highest level of user roles.

  • operator—Specifies a user role with access to all of the configurations for packet forwarding on Layer 2 and Layer 3, and has access to show commands to view the configuration, but cannot view the audit logs and cannot access security and password commands.

  • auditor—Specifies a user role that can view log files and view all configurations, except password configuration.

  • security—Specifies a user role with access only to security settings and the ability to view the configurations

  • priv—Specifies a user role with access to all of the commands that the administrator has access to, and is referred to as an emergency-admin. However, the user with the privilege role must be authenticated within the switch locally. RADIUS and TACACS+ authentication is not accessible. A user role at the privilege level must login to the switch through the console port only.

size <1024-1024>

Specifies the size of the RSA user key.