- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2007 01:45 PM
I have a Cisco 1811W running 12.4(6)T2 (c181x-advipservicesk9-mz.124-6.T2.bin), and I'm wanting to turn off telnet access to it and turn on SSH which I usually do on all the routers I manage, but on this particular router when I put in the config command:
ip ssh version 1
I get the error message:
Please create RSA keys to enable SSH.
OK, I could have sworn that I had already done that, oh well... so I put in the command:
crypto key generate rsa
specify a 512 bit modulus, the router responds with
% Generating 512 bit RSA keys, keys will be non-exportable...[OK]
But then, when I go back to
ip ssh version 1
I *STILL* get the error "Please create RSA keys to enable SSH"
Any ideas? All I've ever done on a router to enable SSH is "crypto key generate rsa" ...I don't know why this particular router is complaining.
Solved! Go to Solution.
- Labels:
-
Network Management
Accepted Solutions

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2007 02:45 PM
Check your config to see if you've defined a specific keypair for SSH. If you have, you will either need to remove it, or generate RSA keys for that keypair name:
crypto key generate rsa label KEYPAIR

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2007 02:45 PM
Check your config to see if you've defined a specific keypair for SSH. If you have, you will either need to remove it, or generate RSA keys for that keypair name:
crypto key generate rsa label KEYPAIR
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-04-2007 07:33 AM
Thanks... that was exactly the problem.
I missed a "ip ssh rsa keypair-name SSHtelnet" in my config so once I removed it, zeroized everything and regenerated the keys it all works! Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2025 03:31 AM
Pls mention the comment to remove in cisco 9300
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-02-2019 11:20 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2024 12:29 PM
I searched a bunch of forums and have configured ssh many times. But i have never had this been an issue and today it was thank you!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2023 01:46 PM
Ditto that!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-30-2025 09:58 PM
2025 and still helpful
Got this issue with ISR4221. After "crypto key zeroize" then try to Re-generate key, got session cut off and was unable to ssh again.
We tried to generate key again and again but still got "Please create RSA keys to enable SSH (and of atleast 768 bits for SSH v2)." .
Fixed the issue by delete old pub key then re-generate , this time it worked.
