Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1288
Views
0
Helpful
0
Replies

Cannot generate Crypto Keys on ASR 920 using Startup Config

Ronit Bhattacharjee
Level 1
Level 1

‎09-19-2018 04:12 AM - edited ‎03-10-2019 01:05 AM

Team,

 

My router has a hostname and ip-domain configured. If I use the following command manually on the router in config mode, I am able to generate the crypto key and enable SSH.

 

crypto key generate rsa modulus 4096

 

However, if I load a new startup-config remotely via tftp, the same command in the config fails to generate a crypto key.

This is a problem, because we frequently load the configurations on our routers remotely (First wr erase, then copy from tftp, then reload). The "wr erase" part is necessary, otherwise some changes are overlapped.

 

1. Is there a way to automatically generate the crypto key as part of the startup config?

2. Is there any other (better) way to load the configs and not lose the existing crypto key?

 

Attached is a sample config

PS: The passwords are all generic and are used in the lab

Labels:
Preview file
21 KB
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents