Why does the crypto key show in "show run" on some switches and notothers?

Discussion in 'Cisco' started by ttripp, Feb 4, 2010.

  1. ttripp

    ttripp Guest

    I'm configuring eight identical Cisco 2960 switches running 12.2(44)
    SE6. I'm puzzled by the following behavior:

    I am running the "crypto key generate" command on all these switches.
    However, on those switches where I've turned on port security using
    the "switchport port-security" command, the crypto key no longer
    appears when I do a "show run" (they do appear when I do a "show
    crypto key mypub rsa", so I know they're there).

    On switches where I don't turn on port security, the key shows up in
    the config file when I do a "show run".

    This is not really a problem in my environment, but is there some
    logical reason for this behavior? Or is it just a bug/feature?

    Thanks.
     
    ttripp, Feb 4, 2010
    #1
    1. Advertisements

  2. ttripp

    ttripp Guest

    And now I have to take it back. One of the switches shows the crypto
    key when I do a "show run", even with port-security enabled on an
    interface.

    Still wonder what causes this behavior. Is there any way to have the
    crypto key ALWAYS show up in "show run"? Or, for that matter, for it
    to NEVER show up?
     
    ttripp, Feb 4, 2010
    #2
    1. Advertisements

  3. ttripp

    Khalil Shatta

    Joined:
    Oct 19, 2010
    Messages:
    1
    Likes Received:
    0
    You should use the following command:
    show crypto key mypubkey rsa

    Regards
    Khalil Shatta
     
    Khalil Shatta, Oct 19, 2010
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.