cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
789
Views
0
Helpful
1
Replies

crypto key generate in zero seconds?

Michael Hubbard
Level 1
Level 1

I have been building several 4451 routers and 4507R+E switches recently. Right after the devices boot I run a script to create the configuration. The devices have only been up for a couple minutes when the "crypto key generate rsa mod 2048" command is run.

Below is the output. The routers have consistently been zero and switches under 4 seconds.

How can a newly booted device have enough entropy to create a 2048 bit RSA key pair in zero or 3 seconds?

Thanks in advance for any information!

TestLab_4451(config)#crypto key generate rsa mod 2048
The name for the keys will be: TestLab_4451.pu.pri

% The key modulus size is 2048 bits
% Generating 2048 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 0 seconds)

4507R+E
TestLab_4507_01(config)#crypto key generate rsa mod 2048
The name for the keys will be: TestLab_4507_01.pu.pri

% The key modulus size is 2048 bits
% Generating 2048 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 3 seconds)

1 Reply 1

Philip D'Ath
VIP Alumni
VIP Alumni

I don't use 2048 bit anymore.  Try doing 4096 bit.  It will think for a little bit longer then.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: