Solved: What determines the size of the rsa keys that can be generated on a device?

Yermander · ‎09-24-2014

According to this pdf:

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-xe-3se-3650-cr-book/sec-a1-xe-3se-3850-cr-book_chapter_0110.pdf

It appears to me that any device running an image before Cisco IOS Release 15.1(1)T was capable of creating a key size of 2048 and that any device running the image above and those thereafter would be able to create keys of 4096

Am I correct in saying this. I know it's a slightly obscure question hence the reason I am struggling to find an answer for this. Any help greatly appreciated. TIA

Marvin Rhoads · ‎09-24-2014

Yes - that's confirmed in the Release Notes for IOS 15.1(1)T.

Non-IOS devices (ASA, Wireless controllers etc.) will each have their own release dependencies.

Also - note for some release trains IOS 12.x enhancements were released after IOS 15.1(1)T so those might also have 4096-bit key support.

View solution in original post

Marvin Rhoads · ‎09-24-2014

Yes - that's confirmed in the Release Notes for IOS 15.1(1)T.

Non-IOS devices (ASA, Wireless controllers etc.) will each have their own release dependencies.

Also - note for some release trains IOS 12.x enhancements were released after IOS 15.1(1)T so those might also have 4096-bit key support.