Generating SSH key for hardware replacement

Unanswered Question
Mar 12th, 2007
User Badges:

Hi - does anyone have any good practices for hardware replacement where SSH is used? For example a remote engineer replaces a switch, a config file is pushed on from our NMS after some basic configuration & then all seems well - except we need to generate the SSH key with 'crypto key generate' and we can not ssh to the box to do this. We don't really want the onsite engineer to generate the key - can we do this in the config file somehow? Ideally keeping the key the same as before so we don't have a problem with NMS's saying the SSH key has changed.

Also - if the key is generated, is it stored in nvram automatically, or only if you wr mem?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
suschoud Mon, 03/12/2007 - 10:07
User Badges:
  • Gold, 750 points or more

hi rich,

after generating the keys,put in the command:

ca save all

this saves the key to the flash memory and you do n't have to regenerate the keys in case the device reboots.

as far as replacement device is concerned,unfortunately there's no way around and you need to regenerate the keys.



cisco tac.


This Discussion