request security ssh password-less-authentication (Junos OS Evolved)
Syntax
request security ssh password-less-authentication remote-host host remote-user username <all-conf-users> <routing-instance routing-instance>
Description
Configure SSH key-based authentication between the local device and a remote server.
When you execute the command, the device generates SSH keys for the current user, provided
the user does not already have existing keys, and transfers the user's public key to the
authorized_keys file of the specified user on the remote host. If you
include the all-conf-users option, the device performs the operation for
all configured users with SSH keys instead of only for the current user.
You can back up your device’s configuration to an archive site periodically or after each
commit by configuring statements at the [edit system archival
configuration] hierarchy level. Before you can configure the device to archive
the configuration using an SCP-style URL, you must set up passwordless authentication
between the local device (as the root user) and the remote server (for a remote user
configured on the server).
Options
| all-conf-users |
(Optional) Configure SSH key-based authentication for all configured users that have an SSH key pair. If you omit this option, the device configures SSH key-based authentication for the user executing the command. |
| remote-host host | Hostname or IP address of the remote server. |
| remote-user username | Username that the local device uses to log in to the remote server. |
| routing-instance routing-instance-name | (Optional) Name of the routing instance through which to reach the remote server. |
Required Privilege Level
maintenance
Sample Output
request security ssh password-less-authentication
root@host> request security ssh password-less-authentication remote-host 198.51.100.1 remote-user admin INFO: Reading public key of current logged in user 'root'. INFO: Logging in to 198.51.100.1 as 'admin' user to append content of public key file(s), please authenticate.. The authenticity of host '198.51.100.1 (198.51.100.1)' can't be established. ECDSA key fingerprint is SHA256:ZZYzAS1mzURvmmxnoUkDuBp3UfS3ryD46CDei1MoTT4. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '198.51.100.1' (ECDSA) to the list of known hosts. admin@198.51.100.1's password: INFO: Password-less authentication from host (for user 'root') to 198.51.100.1 (for user 'admin') is setup.
Release Information
Command introduced in Junos OS Evolved Release 22.3R1.