Viewing SSH Security Information

The following section explains the commands used to obtain SSH statistics which can be helpful for debugging purposes.

View Keys

Use the show security <key type> command to view keys imported into the SBC.

Viewing Authorized Keys

Use the show security authorized-keys command to view keys imported into the SBC's authorized_keys file.

The command syntax:

show security authorized-key <brief | detail> [name]

1. Run the command without the name parameter to view all the authorized keys.

   ORACLE# show security authorized-key brief 
   key-type:     authorized-key
   key-encr:     rsa 
   key-size:     4096 
   key-name:     client1 
   user-class:   admin
   
   finger-print: 
       22:b4:6b:6c:9f:47:33:31:14:e1:78:65:d4:2e:73:6c
   finger-print-raw: 
       ca:ee:1c:fc:4b:65:7b:5e:b7:18:db:68:14:25:f9:46
   
   key-type:     authorized-key
   key-encr:     rsa 
   key-size:     4096 
   key-name:     admin 
   user-class:   admin
   
   finger-print: 
       b2:be:69:18:6e:32:d3:9f:5a:5a:d1:24:38:91:c8:9c
   finger-print-raw: 
       4e:cc:6c:e5:8a:20:39:58:fd:4e:e9:5f:01:56:14:4d
   ORACLE#

2. Run the command with the name parameter to view the details of a specific authorized key.
   For example:

   ORACLE# show security authorized-key brief client1
   key-type:     authorized-key
   key-encr:     rsa
   key-size:     4096 
   key-name:     client1 
   user-class:   admin
   
   finger-print: 
       22:b4:6b:6c:9f:47:33:31:14:e1:78:65:d4:2e:73:6c
   finger-print-raw: 
       ca:ee:1c:fc:4b:65:7b:5e:b7:18:db:68:14:25:f9:46

Viewing Known Host Keys

Use the show security known-host command to view the public keys in the SBC's known_hosts file.

The command syntax:

show security known-host <brief | detail> [name]

1. Run the command without the name parameter to view all the known host keys.

   ORACLE# show security known-host brief 
   key-type:     known-host
   key-encr:     rsa 
   key-size:     4096 
   key-name:     10.0.0.10 
   user-class:   userfinger-print: 
       22:b4:6b:6c:9f:47:33:31:14:e1:78:65:d4:2e:73:6c
   finger-print-raw: 
       ca:ee:1c:fc:4b:65:7b:5e:b7:18:db:68:14:25:f9:46
   
   key-type:     known-host
   key-encr:     rsa 
   key-size:     2048 
   key-name:     10.0.0.20 
   user-class:   userfinger-print: 
       f7:e0:50:39:0b:54:fa:cd:e1:ac:de:dd:a9:42:e5:9f
   finger-print-raw: 
       16:5e:44:e8:2a:a6:f8:86:e5:67:1e:48:b7:34:63:c9

2. Run the command with the name parameter to view the details of a specific known host key.

   ORACLE# show security known-host brief 10.0.0.20
   key-type:     known-host
   key-encr:     rsa 
   key-size:     2048 
   key-name:     10.0.0.20 
   user-class:   user
   
   finger-print: 
       f7:e0:50:39:0b:54:fa:cd:e1:ac:de:dd:a9:42:e5:9f
   finger-print-raw: 
       16:5e:44:e8:2a:a6:f8:86:e5:67:1e:48:b7:34:63:c9

Viewing CA Keys

Use the show security ca-key command to view the certificate authority keys imported into the SBC.

The command syntax:

show security ca-key <brief | detail> [name]

1. Run the command without the name parameter to view all the CA keys.

   ORACLE# show security ca-key brief 
   key-type:     ca-key
   key-encr:     rsa 
   key-size:     4096 
   key-name:     rootCA
   user-class:   userfinger-print: 
       3e:7a:54:22:d7:5d:51:a7:05:93:21:af:7a:f2:fd:89
   finger-print-raw: 
       fe:87:18:d1:ec:a5:e8:aa:e9:7e:93:86:fa:1a:0d:9a

2. Run the command with the name parameter to view the details of a specific CA key.

   ORACLE# show security ca-key brief rootCA
   key-type:     ca-key
   key-encr:     rsa 
   key-size:     4096 
   key-name:     rootCA 
   user-class:   admin
   
   finger-print: 
       3e:7a:54:22:d7:5d:51:a7:05:93:21:af:7a:f2:fd:89
   finger-print-raw: 
       fe:87:18:d1:ec:a5:e8:aa:e9:7e:93:86:fa:1a:0d:9a
   ORACLE#