You can import SSH client public keys to establish an authenticated log in to the device from an external ssh client. You can also delete the key from the device to prevent it from being used for an authenticated log in.
device# certutil import sshkey directory /root/.ssh/ file id_rsa.pub host 10.20.238.152 login root password pass protocol SCP user admin
device# certutil sshkey user admin pubkey “ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ Dnim+Ofjx/id3z2jDxXu9DcMuQqVq/NKi2Lms+q7dA5Dqww8jlrOGawG8tMySOvnB1ZEvJt1kqNneRi4l6Ot4/7hfd 99rIOPGBP/NJs6xTLUrQhDgxB78ddTg+6euBtkYLTAaTC7kbXGXcO8VVB9+4xrH+0bkvjU9RRvGJguUfdiFKEfIGVOy t0atdHi1dmgQ9BE0cO65nc/i9MjMJedBe174/QT4TxeGeEgaQ57c2AL5It2V4CzrZBDtnixdnHUO5w2vmBR61LZIDVT1 fuX/xYxDAm9H8SDpDX8pZlfFpQBy/wrkIYPZ/p4OLrUApB/XAJGujrlNlZLEu9U9MPVM/ root@ldap.hc-fusion.in”
After the public key is imported or copied for a user, password-based authentication becomes a fallback option for that particular user. This user can log in using the public key. If a user tries to log in from a device on which the public key is not present, then the user is prompted for a password. When the public key is removed for the user, only password-based authentication is enabled for that particular user.
Note
When the public key is imported or removed, the SSH server is automatically rebooted and all active SSH connections are terminated.device# no certutil sshkey user admin
Note
When the public key is imported or removed, the SSH server is automatically rebooted and all active SSH connections are terminated.