How to add ssh public key to Cisco IOS XR devices

To enable password-free ssh access to Cisco IOS XR devices, we can import client host's ssh public key to cisco device.

Following steps are verified on XRv 9K 6.5.2 device:

decode SSH public key with base64

cat id_rsa.pub | cut -f 2 -d ' ' | base64 -d  > id_rsa.bin

copy the decoded key to IOS XR device

scp id_rsa.bin [email protected]<ip of IOS XR device>:disk0:/

import the key in IOS XR device

RP/0/RP0/CPU0:router1# crypto key import authentication rsa disk0:/id_rsa.bin

Verify ssh access with SSH key

[email protected]:~/.ssh$ ssh -i id_rsa [email protected]<ip of IOS XR device> show version


Wed Apr  3 08:25:08.068 UTC
Cisco IOS XR Software, Version 6.5.2
Copyright (c) 2013-2019 by Cisco Systems, Inc.

Build Information:
 Built By     : ahoang
 Built On     : Sat Feb  2 05:22:55 PST 2019
 Built Host   : iox-ucs-030
 Workspace    : /auto/srcarchive13/prod/6.5.2/xrv9k/ws
 Version      : 6.5.2
 Location     : /opt/cisco/XR/packages/

cisco IOS-XRv 9000 () processor
System uptime is 20 hours 25 minutes

[email protected]:~/.ssh$