cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
531
Views
0
Helpful
3
Replies

RME 4.2.0 - NetConfig SSH Configuration Template

slcornish
Level 1
Level 1

All,

We're having a problem running command "crypto key generate rsa general-keys modulus 2048" via TFTP on 3550 devices. If we can get it to work, we'll use HP NAS to create the SSH key on our devices.

I'm looking into using RME NetConfig to create the key and came across NetConfig template "SSH Configuration". Does this template create the SSH key?

If not, which RME NetConfig template can be used?

I noticed NetConfig template "Certification Authority Configuration". At the bottom is "RSA Key pairs". Will this run the command listed above?

Thanks,

Stephanie Cornish

3 Replies 3

Joe Clarke
Cisco Employee
Cisco Employee

Yes, the SSH template will allow you to configure the RSA keys. Simply Enable Key Configuration in the template instance, then enter the modulus size in the "Number of Key Bits" field (e.g. 1024). That will deploy the following config to the devices:

crypto key generate rsa 1024

Which means, enter "crypto key generate rsa", hit enter, then enter 1024 at the prompt. RME will handle all interactivity automatically.

crypto key generate rsa general-keys modulus 2048

I don't see "general-keys modulus" in your output so I'm assuming "general-keys modulus" will be omitted in the configuration.

So there's no NetConfig template which will push this exact command:

"crypto key generate rsa general-keys modulus 2048"

Stephanie

No, not by default. However, you could use the Ad hoc template (or create a user-defined template) that does:

crypto key generate rsa general-keys modulus 2048

Then this could be deployed along with the SSH template. The SSH template instance would not do anything with the key, and just modify SSH-specific parameters.

Or, you could create a whole user-defined template which does everything you want in one shot. That is, configure the key as well as the requisite SSH parameters.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco