Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
52733
Views
15
Helpful
7
Replies

Please create RSA keys to enable SSH.

Go to solution
thomasdzubin
Level 1
Level 1

‎12-03-2007 01:45 PM

I have a Cisco 1811W running 12.4(6)T2 (c181x-advipservicesk9-mz.124-6.T2.bin), and I'm wanting to turn off telnet access to it and turn on SSH which I usually do on all the routers I manage, but on this particular router when I put in the config command:

ip ssh version 1

I get the error message:

Please create RSA keys to enable SSH.

OK, I could have sworn that I had already done that, oh well... so I put in the command:

crypto key generate rsa

specify a 512 bit modulus, the router responds with

% Generating 512 bit RSA keys, keys will be non-exportable...[OK]

But then, when I go back to

ip ssh version 1

I *STILL* get the error "Please create RSA keys to enable SSH"

Any ideas? All I've ever done on a router to enable SSH is "crypto key generate rsa" ...I don't know why this particular router is complaining.

5 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎12-03-2007 02:45 PM

Check your config to see if you've defined a specific keypair for SSH. If you have, you will either need to remove it, or generate RSA keys for that keypair name:

crypto key generate rsa label KEYPAIR

View solution in original post

7 Replies 7

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎12-03-2007 02:45 PM

Check your config to see if you've defined a specific keypair for SSH. If you have, you will either need to remove it, or generate RSA keys for that keypair name:

crypto key generate rsa label KEYPAIR

Go to solution
thomasdzubin
Level 1
Level 1
In response to Joe Clarke

‎12-04-2007 07:33 AM

Thanks... that was exactly the problem.

I missed a "ip ssh rsa keypair-name SSHtelnet" in my config so once I removed it, zeroized everything and regenerated the keys it all works! Thanks.

Go to solution
Shiju Gopinathan
Level 1
Level 1
In response to thomasdzubin

‎01-10-2025 03:31 AM

Pls mention the comment to remove in cisco 9300

0 Helpful

Go to solution
Svetlin Simeonov
Level 1
Level 1
In response to Joe Clarke

‎07-02-2019 11:20 PM

Thank you this solve my problem too.
0 Helpful

Go to solution
Rosato
Level 1
Level 1
In response to Joe Clarke

‎10-22-2024 12:29 PM

I searched a bunch of forums and have configured ssh many times. But i have never had this been an issue and today it was thank you!

0 Helpful

Go to solution
teljxr1
Level 1
Level 1

‎07-17-2023 01:46 PM

Ditto that!

0 Helpful

Go to solution
Kwuen Pham
Community Member

‎05-30-2025 09:58 PM

2025 and still helpful

Got this issue with ISR4221. After "crypto key zeroize" then try to Re-generate key, got session cut off and was unable to ssh again.

We tried to generate key again and again but still got "Please create RSA keys to enable SSH (and of atleast 768 bits for SSH v2)." .

Fixed the issue by delete old pub key then re-generate , this time it worked.

0 Helpful
Customers Also Viewed These Support Documents