Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
490
Views
0
Helpful
1
Replies

Cisco ASA hostkey too small

lmqtechnology
Level 1
Level 1

‎02-04-2022 07:06 AM

if I look at my public key on ASA it shows a size of 4096

 

Key name: <Default-RSA-Key>
Usage: General Purpose Key
Modulus Size (bits): 4096
Storage: config
Key Data:

 

However an nmap scan keeps reporting the keysize as 1024

 

C:\WINDOWS\system32>nmap -sV --script ssh-hostkey -p 22 192.168.10.1
Starting Nmap 7.80 ( https://nmap.org ) at 2022-02-04 09:58 Eastern Standard Time
Nmap scan report for 192.168.10.1
Host is up (0.044s latency).

PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.5 (protocol 2.0)
| ssh-hostkey:
|_ 1024 1b:e9:95:01:3e:36:ab:cb:db:70:9a:ef:96:f6:30:a1 (RSA)

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 2.90 seconds

 

Please could some let me know how to correct this.,

0 Helpful
1 Reply 1

Rob Ingram
VIP
VIP

‎02-04-2022 08:00 AM

@lmqtechnology you might have multiple keypairs and ssh is not configured to use the desired keypair. You can use the command "ip ssh rsa keypair-name <keypair name>" to specify the keypair.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card