crypto key generate rsa error

Discussion in 'Cisco' started by Michael W. Hubbard, Dec 3, 2005.

  1. Dear Reader;
    Cisco 2621 router with IOS (tm) C2600 Software (C2600-I-M), Version 12.2(5)

    I want to be able to use SSH from the internet. Looking at Cisco's Secure
    Shell Commands reference it says to generate an RSA key first using crypto
    key generate rsa from global config mode. When I do that I receive the
    following. According to Cisco's reference this feature was added to 11(3).
    Any suggestions? Thanks.
    Michael Hubbard

    Loud_2620(config)#crypto key generate rsa
    ^
    % Invalid input detected at '^' marker.

    Loud_2620(config)#
     
    Michael W. Hubbard, Dec 3, 2005
    #1
    1. Advertising

  2. Do you have a K9 image running ?
    What is the flsh file-name of the running image of IOS ?


    "Michael W. Hubbard" <> wrote in message
    news:%Snkf.2785$...
    > Dear Reader;
    > Cisco 2621 router with IOS (tm) C2600 Software (C2600-I-M), Version

    12.2(5)
    >
    > I want to be able to use SSH from the internet. Looking at Cisco's Secure
    > Shell Commands reference it says to generate an RSA key first using crypto
    > key generate rsa from global config mode. When I do that I receive the
    > following. According to Cisco's reference this feature was added to

    11(3).
    > Any suggestions? Thanks.
    > Michael Hubbard
    >
    > Loud_2620(config)#crypto key generate rsa
    > ^
    > % Invalid input detected at '^' marker.
    >
    > Loud_2620(config)#
    >
    >
     
    Martin Bilgrav, Dec 3, 2005
    #2
    1. Advertising

  3. Michael W. Hubbard

    Matty M Guest

    "Michael W. Hubbard" <> wrote in message
    news:%Snkf.2785$...
    > Dear Reader;
    > Cisco 2621 router with IOS (tm) C2600 Software (C2600-I-M), Version
    > 12.2(5)
    >
    > I want to be able to use SSH from the internet. Looking at Cisco's Secure
    > Shell Commands reference it says to generate an RSA key first using crypto
    > key generate rsa from global config mode. When I do that I receive the
    > following. According to Cisco's reference this feature was added to
    > 11(3). Any suggestions? Thanks.
    > Michael Hubbard
    >
    > Loud_2620(config)#crypto key generate rsa
    > ^
    > % Invalid input detected at '^' marker.
    >
    > Loud_2620(config)#
    >


    Hi,

    Maybe you are using the wrong IOS version as in not the number but the
    software feature set.

    Many thanks

    Matt
     
    Matty M, Dec 4, 2005
    #3
  4. Michael W. Hubbard

    Guest

    > Loud_2620(config)#crypto key generate rsa
    > C2600-I-M


    -I- = IP only.

    I think that you need more than that for ssh.
    In fact I think you need the full crypto image. $$$


    By the way -M = Run from RAM

    Z = compressed image file (which you don't have)
     
    , Dec 5, 2005
    #4
  5. Thanks for the replies everyone!

    I didn't realize that I would need the crypto feature set for ssh but since
    you have to generate an RSA key I guess that makes since.

    Sorry for not posting the ver. I knew to do that but just forgot.

    Cisco Internetwork Operating System Software
    IOS (tm) C2600 Software (C2600-I-M), Version 12.2(5), RELEASE SOFTWARE (fc1)
    Copyright (c) 1986-2001 by cisco Systems, Inc.
    Compiled Tue 11-Sep-01 22:18 by pwade
    Image text-base: 0x80008088, data-base: 0x80989210

    ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)

    Loud_2620 uptime is 4 weeks, 4 days, 17 hours, 47 minutes
    System returned to ROM by power-on
    System image file is "flash:c2600-i-mz.122-5.bin"

    Michael Hubbard

    <> wrote in message
    news:...
    >> Loud_2620(config)#crypto key generate rsa
    >> C2600-I-M

    >
    > -I- = IP only.
    >
    > I think that you need more than that for ssh.
    > In fact I think you need the full crypto image. $$$
    >
    >
    > By the way -M = Run from RAM
    >
    > Z = compressed image file (which you don't have)
    >
     
    Michael W. Hubbard, Dec 5, 2005
    #5
  6. Michael W. Hubbard

    kcrumz

    Joined:
    Aug 8, 2008
    Messages:
    2
    Cryptographic Features

    You need an IOS that has the cryptographic features. You will need a Cisco Connection Online (CCO) account to download a crypto IOS.

    P3X454_YODA# sh ver
    Cisco IOS Software, C1700 Software (C1700-K9O3SY7-M), Version 12.3(11)T5, RELEASE SOFTWARE (fc1)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2005 by Cisco Systems, Inc.
    Compiled Sat 02-Apr-05 18:29 by yiyan

    ROM: System Bootstrap, Version 12.2(7r)XM4, RELEASE SOFTWARE (fc1)

    P3X454_YODA uptime is 3 hours, 48 minutes
    System returned to ROM by reload
    System image file is "flash:c1700-k9o3sy7-mz.123-11.T5.bin"


    This product contains cryptographic features and is subject to United
    States and local country laws governing import, export, transfer and
    use. Delivery of Cisco cryptographic products does not imply
    third-party authority to import, export, distribute or use encryption.
    Importers, exporters, distributors and users are responsible for
    compliance with U.S. and local country laws. By using this product you
    agree to comply with applicable laws and regulations. If you are unable
    to comply with U.S. and local laws, return this product immediately.


    A summary of U.S. laws governing Cisco cryptographic products may be found at:
    http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

    If you require further assistance please contact us by sending email to
    .

    Cisco 1712 (MPC862P) processor (revision 0x101) with 83559K/14745K bytes of memory.
    Processor board ID FOC09247YL9 (260893732), with hardware revision 0000
    MPC862P processor: part number 7, mask 0
    1 Ethernet interface
    5 FastEthernet interfaces
    1 ISDN Basic Rate interface
    32K bytes of NVRAM.
    32768K bytes of processor board System flash (Read/Write)

    Configuration register is 0x2102
     
    kcrumz, Aug 8, 2008
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. St V I

    RSA key generation

    St V I, Jan 27, 2004, in forum: Cisco
    Replies:
    0
    Views:
    581
    St V I
    Jan 27, 2004
  2. Ramon F Herrera
    Replies:
    1
    Views:
    815
    Joe Harrison
    Oct 16, 2005
  3. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "RSA and Public Key Cryptography", Richard A. Mollin

    Rob Slade, doting grandpa of Ryan and Trevor, Dec 18, 2003, in forum: Computer Security
    Replies:
    0
    Views:
    535
    Rob Slade, doting grandpa of Ryan and Trevor
    Dec 18, 2003
  4. Darko's
    Replies:
    6
    Views:
    9,555
  5. NextiraOne - D. Grob

    How to generate an RSA Key for HTTPS connection?

    NextiraOne - D. Grob, Jan 31, 2008, in forum: Cisco
    Replies:
    4
    Views:
    3,623
    Tilman Schmidt
    Feb 17, 2008
Loading...

Share This Page