topic Adding NTP and RSA Key in Network Security

Adding NTP and RSA Key

johnlloyd_13 — Tue, 12 Mar 2019 09:10:46 GMT

hi,

just out of the blue question.

i'm going to add NTP server to some of our ASA that's running proxy phone, s2s VPNs services.

my question is, does adding NTP will 'break' any of the said services (or other services that i'm not aware of)?

is it a safe command to run/add?

also just another question, does generating a new 2048 rsa keys will 'break' the services (SSH, or other services i'm aware of) that's currently using the 'Default-RSA-Key'?

ciscoasa(config)# crypto key generate rsa general-keys modulus 2048
WARNING: You have a RSA keypair already defined named <Default-RSA-Key>.

Do you really want to replace them? [yes/no]: y

Both are a good idea in

Marvin Rhoads — Wed, 05 Apr 2017 12:35:03 GMT

Both are a good idea in general and shouldn't "break" any existing services.

After adding your 2048-bit rsa key, any system that is used to login via ssh will need to accept the new key the first time.

I suppose one could posit an automated system that has no end user under normal circumstances failing to connect but that's a pretty uncommon situation for most shops.

thanks marvin!

johnlloyd_13 — Thu, 06 Apr 2017 01:24:45 GMT

thanks marvin!