I created a short video on how to configure Cisco ASA to allow a CLI user to authenticate with RSA keypair when connecting with SSH instead of username/password. See video below.
In short, this is how to do it:
username johndoe nopassword
username johndoe attributes
ssh authentication publickey XXXXXXXX
(Replace XXXXXX with the users public key)
When connecting with “ssh johndoe@firewallip” the user will be granted CLI access without a password prompt.
Excellent guide as always Jimmy! Belive me, this is hard to find a guide for.
How did you greate the pub key on the mac?
Hello Williams!
To be clear I am not sure. I am pretty sure that it is created automatically when you use the ssh client for the first time, if not already during the users first login into osx.
RSA keypairs can also be created manually with openssl.
The reason that I am not sure is that I have moved my keys from computer to computer for many years when I have restored backup after changing hardware. I use to backup the /users/Jimmy/.ssh directory every now and then to make sure not to lose my keypair.
/Jimmy
Very nice Jimmy