I have a network with several hundred routers and I need to lock all my devices down to use SSHv2 only.
I have tools which will allow me to interact with the IOS CLI in a scripted fashion but I just need to know, are there commands I can use to easily check for the existence of and length of RSA keys which may already have been generated on my routers?
Re: Check for the existence and length of RSA Keys
Thank you very much, Jon for your reply.
I am aware of the command you referenced and I imagine there is a way to calculate the key length from the displayed key data (e.g. the number of characters displayed will tell you whether the key was generated with a modulus of 512, 768, 1024, etc).
However, I am hoping there is a more succinct way to check for the existence and length (modulus) of all existing keys on a router (something more like a "summary" view or maybe even a MIB variable).
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...