
New Member

Check for the existence and length of RSA Keys

Hello,

I have a network with several hundred routers and I need to lock all my devices down to use SSHv2 only.

I have tools which will allow me to interact with the IOS CLI in a scripted fashion but I just need to know, are there commands I can use to easily check for the existence of and length of RSA keys which may already have been generated on my routers?

TIA!

--Steve

3 REPLIES
Hall of Fame Super Blue

Re: Check for the existence and length of RSA Keys

Steve

This command will show all RSA keys generated on the router -

http://www.cisco.com/en/US/docs/ios/12_3/security/command/reference/sec_s1g.html#wp1100280

Jon

New Member

Re: Check for the existence and length of RSA Keys

(deleted)

New Member

Re: Check for the existence and length of RSA Keys

Thank you very much, Jon, for your reply.

I am aware of the command you referenced and I imagine there is a way to calculate the key length from the displayed key data (e.g. the number of characters displayed will tell you whether the key was generated with a modulus of 512, 768, 1024, etc).

However, I am hoping there is a more succinct way to check for the existence and length (modulus) of all existing keys on a router (something more like a "summary" view or maybe even a MIB variable).

TIA again for any additional recommendations!

--Steve
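
Added example (not part of the thread and not Cisco code): one way to get the "summary" view asked for above is to capture the key display per router and derive the modulus length from the key data offline. It assumes the capture comes from `show crypto key mypubkey rsa` and that the "Key Data" hex is a DER SubjectPublicKeyInfo blob; the sample text, the function names and the `min_bits` threshold are illustrative.

```python
import re

# Constructed sample in the layout printed by "show crypto key mypubkey rsa"
# (assumed command). The modulus is a made-up byte pattern, not a real key.
SAMPLE = """\
% Key pair was generated at: 06:07:49 UTC Jan 13 2010
Key name: r1.example.net
 Usage: General Purpose Key
 Key is not exportable.
 Key Data:
  305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00C50102 03040506
  0708090A 0B0C0D0E 0F101112 13141516 1718191A 1B1C1D1E 1F202122 23242526
  2728292A 2B2C2D2E 2F303132 33343536 3738393A 3B3C3D3E 3F020301 0001
"""

KEY_RE = re.compile(r"Key name:\s*(\S+).*?Key Data:((?:\s+[0-9A-F]{2,8}\b)+)", re.S)

def read_tlv(buf, pos=0):
    """Read one DER element at pos; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits = count of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated key data")
    return tag, buf[pos:pos + length], pos + length

def modulus_bits(der):
    """Bit length of the RSA modulus in a DER SubjectPublicKeyInfo blob."""
    _, spki, _ = read_tlv(der)             # outer SEQUENCE
    _, _, nxt = read_tlv(spki)             # AlgorithmIdentifier, skipped
    tag, bitstr, _ = read_tlv(spki, nxt)   # BIT STRING holding RSAPublicKey
    if tag != 0x03:
        raise ValueError("not a SubjectPublicKeyInfo")
    _, rsa, _ = read_tlv(bitstr[1:])       # drop the unused-bits octet
    _, modulus, _ = read_tlv(rsa)          # first INTEGER is the modulus
    return int.from_bytes(modulus, "big").bit_length()

def audit(cli_text, min_bits=768):
    """Return [(key_name, bits, meets_min)]; an empty list means no keys found.
    min_bits is a policy parameter (768 is the minimum IOS asks for with SSHv2)."""
    found = []
    for m in KEY_RE.finditer(cli_text):
        bits = modulus_bits(bytes.fromhex("".join(m.group(2).split())))
        found.append((m.group(1), bits, bits >= min_bits))
    return found

if __name__ == "__main__":
    for name, bits, ok in audit(SAMPLE):
        print(f"{name}: {bits}-bit modulus, {'ok' if ok else 'below minimum'}")
```

An empty result for a router means no RSA key pair was displayed, so that device needs a key generated before SSHv2 can be enforced.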
