Richard Burts Thu, 12/18/2008 - 14:08
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


I have not done this and have not tested it but I assume that it would work if you put the command to generate SSH keys into a file and used TFTP to put it into startup. The command would be:

crypto key generate rsa general mod 1024

Note that the syntax may vary slightly over IOS versions so you need to check the exact syntax on the model of router and version of IOS that you plan to use.

Also note that if you use this approach the keys will be stored in startup-config and the router will not generate the keys until the router is booted and reads the startup config. Also be aware that if someone does a copy run start (or write mem) between the time that you TFTP the file and the time that the router boots then the keys will no longer be in startup config.

Is there some reason why you want to TFTP to startup instead of TFTP to running config?




This Discussion