Last week I moved towards using a Lubuntu host for a management workstation in various scenarios. I need the following tools in order for this to be effective:

• SSH Client (for network devices, especially Cisco switches, routers, and firewalls)
• Web Browser (for various reasons, especially ESXi, iDRACs, and Collaboration / Ticketing software
• Remote Desktop Client (for pesky Windows systems)

Along the way I learned that Cisco has implemented SSH Key authentication in newer versions of the IOS. The OpenSSH client (included with Lubuntu by default) can be configured to connect per host, allowing simple user operation if the hostnames of the managed devices are known by the operator. This leads to the question of how to properly manage an SSH key infrastructure. This is an age-old problem with established best practices that can be found in this NIST document:

https://csrc.nist.gov/publications/detail/nistir/7966/final

Within this document is a reference to another NIST document that I need to keep on my reading list detailing currently recommended key lengths and approved algorithms:

https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final