Cisco Support Community
Community Member

missing ssh keys and snmp v3 users in running config

Hello Team,


we have many routing (ISRG2) and switching (Catalyst) devices configured for ssh v2 access only running IOS 15.x. Normal operations works fine.

I save the run-configs regulary. If I need to replace a device I take a spare, load the IOS and the saved configuration to the startup-config

and send out the device for replacement. However doing that way means, I don´t have remote access after reconnecting and starting up the

device because no ssh keys are on the new device (those are not stored in the startup-config, but in the nvram private-config).  Also at this point

I cannot use snmp because also the snmp v3 users are also missing in the running-config.


Currently I see the following options:

1) manually generate new keys on the new device after loading the new config (crypto key gen rsa mod 1024)

2) modify the existing config to allow temporary telnet access until I confirm that remote ssh access again works again

3) manually add snmp v3 users after having again ssh access to the device


Of course, the most efficient way would be, that IOS creates new local ssh keys automatically if ssh access is configured in the config

and no local keys are present at startup.


Any workaround, hint or comment is appreciated

regards, Alfred


CreatePlease to create content