Solved: Looking for comparable command

Mike Mott · ‎10-01-2013

I have a WS-C4506-E that is running cat4500e-universalk9.SPA.03.03.01.SG.151-1.SG1.bin when setting up aaa I start with the follwing command

"crypto key generate rsa general-keys modulus 1024" I let this run and then I add in the rest of the aaa commands as well as Tacacs and ssh.

I have a new WS-C4500X-32 running cat4500e-universalk9.SPA.03.04.02.SG.151-2.SG2.bin

I am not able to run any crypto commands. It does not recognize them. Is there a new or different command I need to invoke to generate the crypto key ?

Richard Burts · ‎10-01-2013

Mike

The k9 in the filename of the image that you are running (cat4500e-universalk9.SPA.03.03.01.SG.151-1.SG1.bin) indicates that it should support generating the crypto key and enabling SSH. I have not used that version of code so I can not tell you exactly what the command would be. But I would ask if you do

crypto ?

what options does it show. If it does not show something that relates to RSA crypto key then I suggest that you use the question mark in global config mode and look for some command that relates to crypto or RSA keys.

HTH

Rick

HTH

Rick

View solution in original post

Richard Burts · ‎10-01-2013

Mike

The k9 in the filename of the image that you are running (cat4500e-universalk9.SPA.03.03.01.SG.151-1.SG1.bin) indicates that it should support generating the crypto key and enabling SSH. I have not used that version of code so I can not tell you exactly what the command would be. But I would ask if you do

crypto ?

what options does it show. If it does not show something that relates to RSA crypto key then I suggest that you use the question mark in global config mode and look for some command that relates to crypto or RSA keys.

HTH

Rick

HTH

Rick

Mike Mott · ‎10-02-2013

Richard, and all others.

Thank You for your responses. It turned out that both the non K9 version and the K9 version were both in bootflash:.

The config register was set to Ox2101, so when it was reloaded it found the first IOS in Bootflash: which was the non k9 version and loaded it. I deleted the non K9 version from bootflash: and relaoded and it found the only IOS in bootflash: and loaded it. There are now crypto commands available.

Richard Burts · ‎10-02-2013

Mike

Thanks for posting back to the forum and letting us know that you have solved the issue. It makes a lot of sense if flash contained a non k9 version as first image and a k9 version as the second image. I am glad that it is now working as you expect. Perhaps you can now mark this question as answered so that other readers will know that it is solved.

HTH

Rick

HTH

Rick

rfalconer.sffcu · ‎10-01-2013

Can you provide a sh ver output? Are you sure this is the actual software version running on the switch? Maybe an upgrade didn't work properly and it fell back to a different version when it was rebooted?

It certainly sounds like you aren't running k9.

Javier Portuguez · ‎10-01-2013

We certainly need the "show version" output.

Please check this out:

Secure Shell Version 2 Support

In case you are running IOS XE this should help you.

HTH.

Rejohn Cuares · ‎10-01-2013

If you cant run security commands that means you dont have the security license installed.

You can try activating the trial license.

I cant remember the exact command on top of my head. It starts with "license boot"under config global config mode. Just check using IOS CLI context help.

Please rate replies and mark question as "answered" if applicable.