Merge pull request #40 from markovanderpuil/patch-1

Add some ssh specifics to icx6xxx-adv.md

docs/icx6xxx-adv.md

@@ -121,12 +121,32 @@ ip ssh interactive-authentication no
 Now we have to generate our key pair with [puttygen](https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html) on windows or ```ssh-keygen -t rsa``` on linux. The default settings of RSA @ 2048 bits works without issue. Generate the pair and save out both the public and private key.
 >The ICX6xxx series do *not* support 4096 bit keys - when using `ssh-keygen` or `puttygen` etc, you must create 2048 bit keys.
 
+For the Brocade to accept your public key file it should start with:
+```
+---- BEGIN SSH2 PUBLIC KEY ----
+```
+and end with:
+```
+---- END SSH2 PUBLIC KEY ----
+```
+Add those manually if it doesn't.
+
 Copy the public key file to your TFTP server. Then use the following command to import it into your switch:
 ```
 ip ssh pub-key-file tftp 192.168.1.8 public.key
 ```
 You shouldn't need to be told basic key management if you're following this section, but just in case - copy your private key to the proper location on the *nix machine you'll be SSH'ing from, or if you're on windows, load it using [pageant](https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html). Now when you SSH to the switch, it will authenticate using your private key.
 
+On linux and Mac Os X you'll want to add these lines to your ```~\.ssh\config``` file. IdentitiesOnly is to prevent ssh-agent from offering any other bigger (> 2048) keys first that will terminate the connection negotiation early. IdentityFile will use only this key for this connection. KexAlgorithms sets a key exchange algorithm both systems support.
+
+```
+Host <switch-ip>
+   IdentitiesOnly yes
+   IdentityFile ~/.ssh/private_key
+   KexAlgorithms +diffie-hellman-group1-sha1
+```
+
+
 ## Name & Ditching The Serial Cable
 Now that you have access and authentication configured, it only makes sense to christen it with a name of your choice:
 ```