Why does cisco IOS require domain-name to be set before SSH keys can be generated?
Posted
by Daniel Papasian
on Stack Overflow
See other posts from Stack Overflow
or by Daniel Papasian
Published on 2008-09-18T14:40:55Z
Indexed on
2010/06/08
4:32 UTC
Read the original article
Hit count: 212
Is there a technical reason why IOS requires the device's domain-name to be set (via ip domain-name) before an SSH key can be generated? Is the domain-name used in any way in the generation of the key?
Is there any way to force the generation of a key before the domain name is set?
UPDATE: Myself (before I posted this question) and others in your answer seem to think it may be used as either a salt or a source of entropy for the key. Wouldn't the domain-name be very predictable? This doesn't seem like a suitable source of entropy.
© Stack Overflow or respective owner