Please create RSA keys to enable SSH.

Answered Question
Dec 3rd, 2007

I have a Cisco 1811W running 12.4(6)T2 (c181x-advipservicesk9-mz.124-6.T2.bin), and I'm wanting to turn off telnet access to it and turn on SSH which I usually do on all the routers I manage, but on this particular router when I put in the config command:

ip ssh version 1

I get the error message:

Please create RSA keys to enable SSH.

OK, I could have sworn that I had already done that, oh well... so I put in the command:

crypto key generate rsa

specify a 512 bit modulus, the router responds with

% Generating 512 bit RSA keys, keys will be non-exportable...[OK]

But then, when I go back to

ip ssh version 1

I *STILL* get the error "Please create RSA keys to enable SSH"

Any ideas? All I've ever done on a router to enable SSH is "crypto key generate rsa" ...I don't know why this particular router is complaining.

I have this problem too.
0 votes
Correct Answer by Joseph Clarke about 6 years 4 months ago

Check your config to see if you've defined a specific keypair for SSH. If you have, you will either need to remove it, or generate RSA keys for that keypair name:

crypto key generate rsa label KEYPAIR

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (1 ratings)
Correct Answer
Joseph Clarke Mon, 12/03/2007 - 14:45

Check your config to see if you've defined a specific keypair for SSH. If you have, you will either need to remove it, or generate RSA keys for that keypair name:

crypto key generate rsa label KEYPAIR

thomasdzubin Tue, 12/04/2007 - 07:33

Thanks... that was exactly the problem.

I missed a "ip ssh rsa keypair-name SSHtelnet" in my config so once I removed it, zeroized everything and regenerated the keys it all works! Thanks.

Actions

Login or Register to take actions

This Discussion

Posted December 3, 2007 at 1:45 PM
Stats:
Replies:2 Avg. Rating:5
Views:2087 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard