Check for the existence and length of RSA Keys

Unanswered Question
Sep 21st, 2009

Hello,

I have a network with several hundred routers and I need to lock all my devices down to use SSHv2 only.

I have tools which will allow me to interact with the IOS CLI in a scripted fashion but I just need to know, are there commands I can use to easily check for the existence of and length of RSA keys which may already have been generated on my routers?

TIA!

--Steve

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
sbyrnes@ballyte... Mon, 09/21/2009 - 10:46

Thank you very much, Jon for your reply.

I am aware of the command you referenced and I imagine there is a way to calculate the key length from the displayed key data (e.g. the number of characters displayed will tell you whether the key was generated with a modulus of 512, 768, 1024, etc).

However, I am hoping there is a more succinct way to check for the existence and length (modulus) of all existing keys on a router (something more like a "summary" view or maybe even a MIB variable).

TIA again for any additional recommendations!

--Steve

Actions

This Discussion