Remember, I'm not talking about servers, I'm trying to SCP files from switches, so they don't have as sophisticated a key-handling scheme. They want to have a single DSA key pair. Using the same key pair on every switch creates a new security risk, plus it is sort of a pain to set up. Using different keys for each switch would be a major pain to set up.
in reply to Re: Using Perl to do SCP
in thread Using Perl to do SCP
But it goes beyond that. Since SSH is already enabled on each switch, the OS won't let you run the keygen command on the switch. I.e. it won't create or load the keys until SSH is disabled. We use SSH to get to the switches. Catch-22.
Hence, I need to use password-based authentication (for now).