09-22-2021 09:48 AM
I am not able to login to my Standby Firewall as SSH is Broken now. And I need to run this command at Standby ASA. I have Access to Standby ASA through ASDM and If I run this command from GUI it does not get executed shows message as below.
How can I run below Crypto command from Active ASA for Peer Standby ASA ?
crypto key generate rsa modulus 2048
Result of the command: "crypto key generate rsa modulus 4096"
WARNING: You have a RSA keypair already defined named <Default-RSA-Key>.
Do you really want to replace them? [yes/no]:
% Please answer 'yes' or 'no'.
Do you really want to replace them? [yes/no]:
% Please answer 'yes' or 'no'.
Do you really want to replace them? [yes/no]:
% ERROR: Timed out waiting for a response.
ERROR: Failed to create new RSA keys named <Default-RSA-Key>
Solved! Go to Solution.
09-23-2021 06:25 AM
always take the backup before you do any modifications and yes that is correct syntax to use from Primary to secondary
before issue make sure check the failover status.
09-22-2021 11:29 AM
Not sure what you mean RSA key broken ? You can not configure anything on standby unit that is not good practice, that will break the whole system. instead you can use ASA command send to standby via Primary using "failover exec"
09-23-2021 05:14 AM
Actually I meant SSH is Broken.
So from Primary Command will be like below ?
failover exec crypto key generate rsa modulus 4096
or
failover exec mate crypto key generate rsa modulus 4096
09-23-2021 06:25 AM
always take the backup before you do any modifications and yes that is correct syntax to use from Primary to secondary
before issue make sure check the failover status.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide