Good Morning Everyone...

I am in the middle of a large router deployment. There is an updated config that I am having the on-site technician run that includes all of the updated config changes.

I am wanting as little on-site technician support as possible and am trying to have the script do all of the heavy lifting for the update. Here is what I am using so far:

tclsh
puts [open "bootflash:ACTIVATION_LOCATION-01.txt" w+] {
!
COPY AND PASTE CONFIGURATION HERE
!
!
!
end
!
}
tclquit
!
!
!
license right-to-use move throughput
!
config t
!
platform hardware throughput level 1000000
!
do wr me
!
exit
!
copy flash:/ACTIVATION_LOCATION-01.txt start
!
!

I would also like the script to include the following:

crypto key gen rsa usage-keys label LOCATION-01 modulus 4096
!
ip ssh rsa keypair-name LOCATION-01

So when I save the file to flash and set it to start it captures the updated config as desired. The problem I am having is including updating the crypto key gen and ip ssh keypair-name command. If I include it in the configuration I copy and paste into the tcl script, when the router reboots, it ignores the crypto keygen command. I know I can run this after the router reboots, but am trying to include as much of the updated config as possble.

Ideas on how I can include this when we are rolling out the updated configs to the field? Remember, I need the least amount of site tech user involvement possible.

Thoughts / Suggestions?