NeDi Software Specific > Installation

Public-key authentication with ssh

(1/2) > >>

In the nedi.conf we can define users for telnet and ssh access, which is useful for CLI.

We have a radius server for users authentication on our switches, so there isn't any "generic user".
So I guess we have to use one of our users, that's ok.
But I want to hide the password.
I'm not sure how to do :
"Use public-key authentication with ssh, if you do not want to have pw here in cleartext."

If I connect to a switch with SSH on the NeDi server, I'll have the RSA key fingerprint for this device, but then how to tell to NeDi to use it ?

i'm not using key files.
but i looked in the inc/

i found these line arround 664 depending on your version of nedi

--- Code: ---}elsif($po == 22){
                 my $known = "-o 'StrictHostKeyChecking no'";
--- End code ---

i guess you can try to set the keyfile there.

maybe you need to set a dummy password in the nedi config.

The StrictHostKeyChecking option can be turned off to ignore hostkeys on switches (update with -kK), but has nothing to do with public-key auth...

First off, you can "encrypt" the PW in nedi.conf (see context help in System-Files) or as ascii wrote add the public key of your machine to the authorised keys on the switch and use a dummy PW...

Can you give me more details about the encryption part plz ?
I looked in the help page and in "The NeDi Guide" but with no luck.

Use System-Files to edit nedi.conf. Click the padlock to open the "encryption popup". Enter clear PW and copy result back in nedi.conf:
usrsec    admin 41326464

You can increase security by changing the secret in the function XORpass() in, but don't forget it after the next update...


[0] Message Index

[#] Next page

Go to full version