Automatically enabling SSH server on a router.

Discussion in 'Cisco' started by AM, Dec 13, 2005.

  1. AM

    AM Guest

    In order to automate the configuration of a router I insert the following command
    "crypto key generate rsa general-keys modulus 1024"
    but on startup the router says
    "Rsa keys can't be generated by the startup configuration"

    That's true otherwise keys will change every reload. But how to have dozens of routers set up and ready to be installed
    and contacted by remote without doing a 2 step configuration? I mean once started up I can contact the router via expect
    through a telnet connection on my LAN (for example) and then tell the router to create RSA keys.

    AM, Dec 13, 2005
    1. Advertisements

  2. AM

    Merv Guest

    See if this will work:

    ! Generate RSA key

    kron policy-list GEN_RSA
    cli crypto key generate rsa general-keys modulus 1024

    kron occurrence in 5 oneshot
    policy-list GEN_RSA
    Merv, Dec 14, 2005
    1. Advertisements

  3. AM

    AM Guest

    No it doesn't. Doing a "sh run" the router has removed the kron command that would have started the kron policy.

    AM, Dec 14, 2005
  4. AM


    Feb 17, 2014
    Likes Received:
    This will work for you

    kron occurrence crypto_key in 1 oneshot
    policy-list crypto_key
    kron policy-list crypto_key
    cli event manager run crypto_key
    event manager applet crypto_key
    event none sync yes
    action 1 cli command "enable"
    action 2 cli command "config t"
    action 3 cli command "crypto key generate rsa modulus 2048"
    action 4 cli command "exit"
    action 5 cli command "write mem"
    action 6 cli command "end"
    sledge121, Feb 17, 2014
  5. AM


    Jan 18, 2008
    Likes Received:
    There are other dependencies. You need domain name before configuring the crypto keys.
    conft, Jun 20, 2014
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.