SSHv2 - RSA Keys

zekebashi · ‎07-12-2016

Hello,

I created a simple config file, listed below, and tried to copy and paste this config on a 2960-8Port switch. After pasting this file, I receive as error message when I issue this command "show ip ssh SSH Disabled - version 1.99 % Please create RSA Keys to enable SSH (of at least 768 bits size) to enable SSH v2. Authentication timeout: 120 secs; Authentication retries: 3"

I can't figure out why ssh v2 won't enable. I've tried it on several boxes/switches but I still receive the same error message.

Any idea as why this happens.

Thanks in advance.

Best, ~zK

no service pad

no service password-encryption

hostname Sales-SW-ACC2

ip domain name my.company.come

boot-start-marker

boot-end-marker

enable secret 5 xoadou435o4nadgaet!%Aou2

no aaa-new-model

ip dhcp pool 10.0.0.0

network 10.0.0.0 255.255.255.0

lease 0 0 10

service dhcp

spanning-tree mode past

spanning-tree pordtfast default

spanning-tree extend system-id

vlan internal allocation policy ascending

crypto key generate rss generate-keys modulus 1024

interface GigabitEthernet0/1

interface GigabitEthernet0/2

interface GigabitEthernet0/3

interface GigabitEthernet0/4

interface GigabitEthernet0/5

interface GigabitEthernet0/6

interface vlan1

ip address 10.0.0.1 255.255.255.0

ip sea enabled reaction-alerts

ip dhcp excluded-address 10.0.0.1 10.0.0.10

line console 0

line vey 0 4

privilege level 15

transport input telnet

line vty 5 15

no login

end

Milos Megis · ‎07-13-2016

Hi,
you have command "crypto key generate RSS".
It should be "RSA".

This command also take some time, so it cannot be used in copy/paste (I had same problems with it).
Type it again.

On line vty you need to use transport input ssh or transport input all (for telnet and ssh).

Also SSH require use of username and password authentication.
So create at least one user with command username user privilege 15 secret password