Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5535
Views
2
Helpful
2
Replies

How can I change the RSA Crypto Key from 2048 to 1024?

rgaspar@setrys.com
Level 1
Level 1

‎07-21-2021 07:05 AM - edited ‎07-21-2021 07:11 AM

How can I change the RSA Crypto Key from 2048 to 1024?
Cisco ISR 4321

Version 17.03.03

 

If I use the command crypto key zeroize rsa and then crypto key generate rsa modulus 1024 it keeps appearing in the show ip ssh:

Minimum expected Diffie Hellman key size: 2048 bits

 

How can I change this to accept a DH Key Size of 1024?

2 people had this problem
Labels:
2 Replies 2

Mark Elsen
Hall of Fame
Hall of Fame

‎07-21-2021 10:13 AM

 

 - Usually this facility is no longer possible and becomes abandoned as software evolves with stronger security, may work on older release which of course has drawbacks.

 M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)
0 Helpful

ngkin2010
Level 7
Level 7

‎08-01-2021 08:35 AM - edited ‎08-01-2021 08:42 AM

Hi,

 

Check whether your firmware version allow you to set 1024 or not. The crypto key generate rsa mod 1024 affect the module size, but won't affect the DH key size.

 

(config)# ip ssh dh min size ?
 2048 Diffie Group 14 2048-bit key
 4096 Diffie Group 16 4096-bit key

 

 

Customers Also Viewed These Support Documents