Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SSH Problem - Need urgent help

ssh configured on router

by following command

ip domain name


crypto key generate rsa


while logging by ssh

it shows some message like

rsa fingerprint

---------------------------connect yes/no ?

should i proceed or varify the key ?

if varify then how it should.

New Member

Re: SSH Problem - Need urgent help

Proceed - on the first connection the key is pushed by the router to the client, so they can both encrypt and decrypt the traffic (the secure bit of ssh). The next time you connect you should not see this message, as the client usually caches this. You usually don't need to do anything else like install keys manually, the cline does this for you. I tend to use Putty for SSH, it seems to work fine with no drawbacks.

Hope this helps.

New Member

Re: SSH Problem - Need urgent help


i have another problem for ssh - router

after pusshing the command

crypto key generate rsa


ip ssh version 2

it again ask for

generate the rsa key

is there any problem with IOS bug ?

for another router while logging every time message is like

the first cipher suported by server is single-des , which is below -----

do you want to continue with this connection.

Kindly suggest in both cases what i should do?

New Member

Re: SSH Problem - Need urgent help

Just tried it on mt 831 and it works fine. I am running 12.3(2)XE4, so maybe it is a version issue.

First though, try removing the key and re-generating it. Do a crypto key zeroize rsa command and try again. If it is still the same, I think you should try a newer version of the IOS.

I am guessing, but I think the second router has too small a key modulus. Try to remove the key, and regenerate it. If it is the same, try new IOS.

I don't play with SSH too much, just usually set up, restrict access to the vty to just SSH, and forget it. So I am not sure the above is correct, but it is a good place to start.