my apologies... I should have read further back on the history of the thread. Now that I have, I see what your talking about, and understand what you are looking for.
I am now interpreting that you want to know where the SSH RSA key is kept on the PIX. If so, I unfortunately don't have the answer to that, and I'm not sure it is viewable. It (the PIX) may keep it in a file on the NVRAM file system or the Flash File System. I have tried to get a display of the Flash File System, but only come up with generic info... PIX# show flashfs flash file system: version:2 magic:0x12345679 file 0: origin: 0 length:2469944 file 1: origin: 2490368 length:3987 file 2: origin: 0 length:0 file 3: origin: 2621440 length:3528136 file 4: origin: 7864320 length:280 I suspect that perhaps "File 4" is the RSA key file generated for SSH communications (do keep in mind that you have to generate this before SSH will work, If I remember correctly.. [sorry, its quite late, and my brain is half asleep at the moment]). Funny... now you've got me back to trying to find the same answer from when I wondered this many months back. Sorry I couldn't have been any more help. Anybody else know the trick to viewing the names of the files kept on the Flash File System, or where the SSH key file is kept?? Ole D. Jensen?? Mark -----Original Message----- From: John Green [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 12:23 AM To: Mark Odette II Subject: RE: SSH client for windows 95 [7:39869] show ver shows two keys, activation and the other number being the serial number. besides i don't see any numbers, other than the flash and bios numbers. and kent's post specifically mentions in points 2 and 3 that there is a way to read the keys. so where is the key ? --- Mark Odette II wrote: > There isn't a way to "read" the key... but if you > want to display the key, > issue the following command at the PIX console: > > "Show Version" > > -Mark > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > John Green > Sent: Monday, April 01, 2002 7:25 PM > To: [EMAIL PROTECTED] > Subject: RE: SSH client for windows 95 [7:39869] > > > where or how to read the pix's "key" ? > what is the command ? > > > > --- Kent Hundley wrote: > > John, > > > > 3 ways to verify the host key: > > > > 1) Connect over a network which you have a > > reasonable degree of confidence > > is secure. This would normally mean connecting > over > > a LAN to the host in > > question to get its key. For the truly paranoid, > > this would mean connecting > > over a x-over cable to the host in question. > > > > 2) Have someone send you the host key and then cut > > and paste the key into > > the appropriate file. To have a degree of > > confidence you would have to > > receive the key through some fairly secure means, > > i.e. have a floppy fedexed > > to you, sent imbedded in an email with PGP, etc. > > > > 3) Call the person who manages the server, connect > > to the server, get the > > key and have them verify the received key over the > > phone. (this is proabably > > the easiest method) > > > > The keys are stored in files on each host. For > > example, using openssh, the > > hosts key is normally stored in a file called > > ssh_host_rsa_key.pub. > > Different client ssh programs store the public > keys > > of the servers they talk > > to in different places. F-Secure's ssh client > store > > them in a directory > > called 'hostkeys' and they have names like > > 'key_22_10.1.1.1.pub'. > > > > > > > __________________________________________________ > Do You Yahoo!? > Yahoo! Tax Center - online filing with TurboTax > http://http://taxes.yahoo.com/ [EMAIL PROTECTED] __________________________________________________ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40153&t=39869 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
