Crypto Key Generate Rsa Usage-keys Label Ssh Keys Modulus 768
One needs to define domain-name before it's possible to generate SSH keys: sw1(config)#crypto key generate rsa% Please define a domain-name first. Sw1(config)#ip domain-name test.net sw1(config)#crypto key generate rsa The name for the keys will be: sw1.test.net Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys. Router(config)# crypto key generate rsa usage-keys The name for the keys will be: myrouter.example.com Choose the size of the key modulus in the range of 360 to 2048 for your Signature Keys. Choosing a key modulus greater than 512 may take a few minutes.
Generating RSA Keys
Crypto Key Generate Rsa Usage-keys Label Ssh Keys Modulus 768 Download
Use the crypto key generate rsa global configuration command to generate RSA key pairs.
router(config)# crypto key generate rsa {general-keys usage-keys} [label key-label] [exportable] [modulus modulus-size] [storage device:]
4-140 Securing Networks with Cisco Routers and Switches (SNRS) v2.0 © 2007 Cisco Systems, Inc.
Syntax Description
general-keys | Specifies that the general purpose key pair should be generated |
usage-keys | Specifies that two RSA special usage key pairs should be generated (that is, one encryption pair and one signature pair) instead of one general purpose key pair |
label key-label | (Optional) Name that is used for an RSA key pair when the key pair is being exported If a key label is not specified, the FQDN of the router is used. |
exportable | (Optional) Specifies that the RSA key pair can be exported to another Cisco device, such as a router |
modulus modulus-size | (Optional) IP size of the key modulus in a range from 350 to 2048 If you do not enter the modulus keyword and specify a size, you will be prompted. |
storage device: | (Optional) Specifies the key storage location The name of the storage device is followed by a colon (:). |
Use this command to generate RSA key pairs for your Cisco device (such as a router).
RSA keys are generated in pairs—one public RSA key and one private RSA key.
If your router already has RSA keys when you issue this command, you will be warned and prompted to replace the existing keys with new keys.
Note Before issuing this command, ensure that your router has a hostname and IP domain name configured (with the hostname and ip domain-name commands). You will be unable to complete the crypto key generate rsa command without a hostname and IP domain name. (This situation is not true when you only generate a named key pair.)
Crypto Key Generate Rsa Usage-keys Label Ssh Keys Modulus 768 1
Note SSH may generate an additional RSA key pair if you generate a key pair on a router having no RSA keys. The additional key pair is used only by SSH and will have a name such as '{router_FQDN}.server'. For example, if a router's fully qualified domain name (FQDN) is 'router1.cisco.com,' the key name is 'routerl.cisco.com.server.'
Crypto Key Generate Rsa Usage-keys Label Ssh Keys Modulus 768 Video
This command is not saved in the router configuration; however, the RSA keys generated by this command are saved in the private configuration in NVRAM (which is never displayed to the user or backed up to another device).
There are two mutually exclusive types of RSA key pairs: special-usage keys and generalpurpose keys. When you generate RSA key pairs, you will be prompted to select either special-usage keys or general-purpose keys.
© 2007 Cisco Systems, Inc. Secured Connectivity 4-141
Crypto Key Generate Rsa Usage-keys Label Ssh Keys Modulus 768 For Sale
Advanced systemcare 11.5 key generator. /battlefield-1-pc-key-generator.html. Was this article helpful?