Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Not able to see RSA keys in the FWSM configuration

Core issue

The RSA keys that are needed for secure shell (SSH) access to the device do not appear in the configuration. The cryptochecksum is all zeros in the output of the show run command, and there is no output from the show ca mypubkey rsa command.

When you issue the write memory all command from the system context, the Firewall Services Module (FWSM) indicates that the command has failed.


Issue the write memory and ca save all commands on the active FWSM. The saved configurations and RSA keys can be checked with the show start and show ca mypubkey rsa commands.

Note: The all option for the write memory command in FWSM is introduced in version 3.1(1).

The general purpose key is generated when the ca generate rsa key command is issued and the encryption key is for SSH. The encryption key does not show up until a user SSHs to the FWSM.

Version history
Revision #:
1 of 1
Last update:
‎06-22-2009 06:07 PM
Updated by:
Labels (1)
Everyone's tags (3)