crypto key generate rsa error

Discussion in 'Cisco' started by Michael W. Hubbard, Dec 3, 2005.

  1. Dear Reader;
    Cisco 2621 router with IOS (tm) C2600 Software (C2600-I-M), Version 12.2(5)

    I want to be able to use SSH from the internet. Looking at Cisco's Secure
    Shell Commands reference it says to generate an RSA key first using crypto
    key generate rsa from global config mode. When I do that I receive the
    following. According to Cisco's reference this feature was added to 11(3).
    Any suggestions? Thanks.
    Michael Hubbard

    Loud_2620(config)#crypto key generate rsa
    % Invalid input detected at '^' marker.

    Michael W. Hubbard, Dec 3, 2005
    1. Advertisements

  2. Do you have a K9 image running ?
    What is the flsh file-name of the running image of IOS ?
    Martin Bilgrav, Dec 3, 2005
    1. Advertisements

  3. Michael W. Hubbard

    Matty M Guest


    Maybe you are using the wrong IOS version as in not the number but the
    software feature set.

    Many thanks

    Matty M, Dec 4, 2005
  4. Michael W. Hubbard

    anybody43 Guest

    Loud_2620(config)#crypto key generate rsa
    -I- = IP only.

    I think that you need more than that for ssh.
    In fact I think you need the full crypto image. $$$

    By the way -M = Run from RAM

    Z = compressed image file (which you don't have)
    anybody43, Dec 5, 2005
  5. Thanks for the replies everyone!

    I didn't realize that I would need the crypto feature set for ssh but since
    you have to generate an RSA key I guess that makes since.

    Sorry for not posting the ver. I knew to do that but just forgot.

    Cisco Internetwork Operating System Software
    IOS (tm) C2600 Software (C2600-I-M), Version 12.2(5), RELEASE SOFTWARE (fc1)
    Copyright (c) 1986-2001 by cisco Systems, Inc.
    Compiled Tue 11-Sep-01 22:18 by pwade
    Image text-base: 0x80008088, data-base: 0x80989210

    ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)

    Loud_2620 uptime is 4 weeks, 4 days, 17 hours, 47 minutes
    System returned to ROM by power-on
    System image file is "flash:c2600-i-mz.122-5.bin"

    Michael Hubbard
    Michael W. Hubbard, Dec 5, 2005
  6. Michael W. Hubbard


    Aug 8, 2008
    Likes Received:
    Cryptographic Features

    You need an IOS that has the cryptographic features. You will need a Cisco Connection Online (CCO) account to download a crypto IOS.

    P3X454_YODA# sh ver
    Cisco IOS Software, C1700 Software (C1700-K9O3SY7-M), Version 12.3(11)T5, RELEASE SOFTWARE (fc1)
    Technical Support:
    Copyright (c) 1986-2005 by Cisco Systems, Inc.
    Compiled Sat 02-Apr-05 18:29 by yiyan

    ROM: System Bootstrap, Version 12.2(7r)XM4, RELEASE SOFTWARE (fc1)

    P3X454_YODA uptime is 3 hours, 48 minutes
    System returned to ROM by reload
    System image file is "flash:c1700-k9o3sy7-mz.123-11.T5.bin"

    This product contains cryptographic features and is subject to United
    States and local country laws governing import, export, transfer and
    use. Delivery of Cisco cryptographic products does not imply
    third-party authority to import, export, distribute or use encryption.
    Importers, exporters, distributors and users are responsible for
    compliance with U.S. and local country laws. By using this product you
    agree to comply with applicable laws and regulations. If you are unable
    to comply with U.S. and local laws, return this product immediately.

    A summary of U.S. laws governing Cisco cryptographic products may be found at:

    If you require further assistance please contact us by sending email to

    Cisco 1712 (MPC862P) processor (revision 0x101) with 83559K/14745K bytes of memory.
    Processor board ID FOC09247YL9 (260893732), with hardware revision 0000
    MPC862P processor: part number 7, mask 0
    1 Ethernet interface
    5 FastEthernet interfaces
    1 ISDN Basic Rate interface
    32K bytes of NVRAM.
    32768K bytes of processor board System flash (Read/Write)

    Configuration register is 0x2102
    kcrumz, Aug 8, 2008
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.