Solved: Please create RSA keys to enable SSH.

thomasdzubin · ‎12-03-2007

I have a Cisco 1811W running 12.4(6)T2 (c181x-advipservicesk9-mz.124-6.T2.bin), and I'm wanting to turn off telnet access to it and turn on SSH which I usually do on all the routers I manage, but on this particular router when I put in the config command:

ip ssh version 1

I get the error message:

Please create RSA keys to enable SSH.

OK, I could have sworn that I had already done that, oh well... so I put in the command:

crypto key generate rsa

specify a 512 bit modulus, the router responds with

% Generating 512 bit RSA keys, keys will be non-exportable...[OK]

But then, when I go back to

ip ssh version 1

I *STILL* get the error "Please create RSA keys to enable SSH"

Any ideas? All I've ever done on a router to enable SSH is "crypto key generate rsa" ...I don't know why this particular router is complaining.

Joe Clarke · ‎12-03-2007

Check your config to see if you've defined a specific keypair for SSH. If you have, you will either need to remove it, or generate RSA keys for that keypair name:

crypto key generate rsa label KEYPAIR

View solution in original post

Joe Clarke · ‎12-03-2007

Check your config to see if you've defined a specific keypair for SSH. If you have, you will either need to remove it, or generate RSA keys for that keypair name:

crypto key generate rsa label KEYPAIR

thomasdzubin · ‎12-04-2007

Thanks... that was exactly the problem.

I missed a "ip ssh rsa keypair-name SSHtelnet" in my config so once I removed it, zeroized everything and regenerated the keys it all works! Thanks.

Svetlin Simeonov · ‎07-02-2019

Thank you this solve my problem too.

Rosato · ‎10-22-2024

I searched a bunch of forums and have configured ssh many times. But i have never had this been an issue and today it was thank you!

teljxr1 · ‎07-17-2023

Ditto that!