Solved: Re: How to replace "cry key generate rsa" when one key is alread

news2010a · ‎10-23-2009

Folks, I need to paste this config/templace on switches. When there is no cry key gen rsa already in place in the switch, the command works accordingly. If there is a key already in place, then I get prompted for "yes/no" and then I need to enter "800" to select the length I want.

Question: is there any way to force the command below to input "YES" and "800" when I get such prompt?

(...)

!-This one works well if no cry key is in place.

cry key generate rsa

[pick 800] ssh_rsa_verify: RSA modulus too small: 512 < minimum 768 bits

(...)

!- As you can see, if pasted onto a switch which already has the key it hangs there waiting for a command prompt input.

myswitch(config)#cry key generate rsa

% You already have RSA keys defined named domain.c

% Do you really want to replace them? [yes/no]: yes

Choose the size of the key modulus in the range of 360 to 2048 for your

General Purpose Keys. Choosing a key modulus greater than 512 may take

a few minutes.

How many bits in the modulus [512]: 800

(...)

Joe Clarke · ‎10-23-2009

Enter the whole command in one shot:

crypto key generate rsa general-keys modulus 800

View solution in original post

Joe Clarke · ‎10-23-2009

Enter the whole command in one shot:

crypto key generate rsa general-keys modulus 800

Joe Clarke · ‎10-23-2009

Enter the whole command in one shot:

crypto key generate rsa general-keys modulus 800

news2010a · ‎10-23-2009

Excellent! Thanks.

How to replace "cry key generate rsa" when one key is already in place