Generate RSA Key on Cisco 9200L using SNMP

NewtoCisco
Level 1
Level 1

Hi,

I have looked into a couple of older forum threads which list different MIBs and OIDs through which this can be achieved, but all those are old OIDs which I can't get to work on the newer Catalyst 9200L switch or 3650 series.

We have a remote switch which started rejecting SSH connections after the OS update to 16.12.5b.

No issues with the normal functioning of the device, SNMP works too. We tried rebooting the device, issue still persists.

 

We are looking to zeroize the existing SSH keys on the switch and generate new keys, and hope that this will fix the SSH connection issue.

 

Does anyone know how this can be achieved on newer Catalyst switches?

9 Replies

balaji.bandi
Hall of Fame
Hall of Fame
> We are looking to zero size the existing SSH keys on the switch and generate new keys and hope that this will fix the SSH connection issue.

Yes, it should. Are you looking for this procedure?

Connect a console cable and enter config mode:

configure terminal
crypto key zeroize rsa
crypto key generate rsa modulus 2048

BB


Hi Balaji,

 

Thank you for the reply. I would have connected the console cable to the switch if I could get my hands on it.

The issue is, currently the switch is at a remote unmanned location. SSH isn't working but SNMP is, so I read a lot of forums which mention it's possible to reboot and make config changes via SNMP. So if I can send some commands using SNMP I can regenerate the SSH keys. Unfortunately, when I tried the SNMP walk, it wasn't responding to the MIB required to make config changes. I was able to reboot the switch using SNMP because we have snmp-server system-shutdown enabled. There might be a way to achieve this using SNMP. Below are some of the articles that I have read and tried, but due to my lack of experience I am not able to figure this one out.

Even if it's only possible to enable telnet using SNMP, I can telnet to the switch and regenerate the keys.

 

How To Copy Configurations To and From Cisco Devices Using SNMP - Cisco

NetMRI use SNMP SetRequest to enable telnet on a d... - Infoblox Experts Community

Conf T via SNMP (neverthenetwork.com)

Hello,

 

I am thinking, maybe you can generate the keys on another device, and then copy the new configuration to the switch using SNMP. I remember somebody copying the config file using SNMP, have a look at the thread below...

 

https://community.cisco.com/t5/switching/copy-config-out-from-switch-via-snmp-fails/td-p/3067668

Thank you Georg for your reply. I tried using SNMP write to copy the config using the MIBs mentioned in the link.

It returns "No such Instance currently exists at this OID"

 

MIBs tried and tested are below:

.1.3.6.1.4.1.9.9.96.1.1.1.1.2.52
.1.3.6.1.4.1.9.9.96.1.1.1.1.10
.1.3.6.1.4.1.9.2.1.53

They all return the same error "No Such Instance currently exists at this OID".

Peter Paluch
Cisco Employee
Cisco Employee

Hello,

To be honest, I do not believe that it is possible to use SNMP to zeroize and recreate the SSH keys on your switch. I do not believe there are dedicated OIDs for the keys themselves, and the OIDs for copying the entire configuration to and from the switch probably aren't useful either because the crypto key zeroize and crypto key generate commands are interactive and not stored in the running-config, meaning that they are unlikely to be accepted from a copied configuration.

I would like to understand more about what happened after the update, though: What is exactly the symptom with the failing SSH? Is the TCP port 22 on the switch entirely closed? Or is it open but does not speak SSH at all? Does it terminate the connection prematurely? Can you actually try to connect via SSH to your switch once again, preferably using a Linux-based command line ssh client with the -v switch (i.e. ssh -v login@X.X.X.X) to get the verbose output, and share it here so that we have a more detailed insight what is going on with the SSH support on the switch?

Also, how about alternative access to the switch - Telnet, HTTP(S), console? Surely at least the console should be still available - even if it requires physical access to the switch.

Best regards,
Peter

 

 

Hi Peter,

 

Thank you for the reply. Actually I want to zeroize and generate the RSA key, and according to one of the articles, Conf T via SNMP (neverthenetwork.com), we can create the SSH keys via SNMP. Until last week I didn't know it was possible to reboot the switch with SNMP, and I had to add the line snmp-server system shutdown to be able to do that. We do not have telnet enabled on the switch, so I am trying to get at least config T working using SNMP; if that works I can enable telnet on the remote switch and regenerate the SSH keys. NetMRI use SNMP SetRequest to enable telnet on a d... - Infoblox Experts Community

 

As for after the update: the device rebooted and we were not able to SSH to it. We copied the file and installed the update over SSH, but we are not sure what happened after the update. Also to note, it was a significant firmware update, as we went from the base version to 16.4.2. I tried looking into generating a log file with verbose output; the SSH client receives the message "Connection Refused" as soon as I try to SSH, so there are no helpful logs from PuTTY, a Linux machine or PowerShell.

 

Our last option is the console, but the switch is at an unmanned location; someone has to go to the site and connect a console cable for us to remotely connect to their computer and access the switch via the console cable. For now we can consider doing that, but for the future, if we can achieve this over SNMP, it would be a good alternative to driving all the way to a mountain site just to enable SSH. The switch is doing its job, so production is not affected, but it's a remote site.

 

Thanks,

Hitesh

 

> .... to driving all the way to a mountain site just to enable...

In theory you can use the CISCO-COPY-CONFIG-MIB to integrate/merge configuration snippets into the running config with SNMP (write) through scripting, for instance for enabling telnet. It might be possible for RSA keys too; not sure if that can work. Anyway, this requires that the current SNMP write community for the device is known and not restricted by access for/from your intended SNMP manager.

https://www.cisco.com/c/en/us/support/docs/ip/simple-network-management-protocol-snmp/15217-copy-configs-snmp.html

Or otherwise it's time to get the hiking boots (smiley noted).

M.


Thank you Marcee for your reply. I tried using SNMP write to copy the config using the MIBs mentioned in the link.

It returns "No such Instance currently exists at this OID"

 

MIBs tried and tested are below:

.1.3.6.1.4.1.9.9.96.1.1.1.1.2.52
.1.3.6.1.4.1.9.9.96.1.1.1.1.10
.1.3.6.1.4.1.9.2.1.53

They all return the same error "No Such Instance currently exists at this OID".

It's unclear what you tried from that example, and/or the output seems a bit too sparse. First of all, you speak of MIBs tried, but there is only one MIB involved in the process, which is the CISCO-COPY-CONFIG-MIB. From the document I sent you earlier, it is better to use the named OIDs instead of the numeric ones. Furthermore, the needed sequence and/or snmp-set command sequence is much more elaborate: it starts with setting a source file, then instructing the transfer, and some cleanup afterwards. You could for instance google 'cisco copy-config-mib script example' to get some examples. Here is an interesting one: https://gist.github.com/tomoconnor/6425476

It could be used as a test to fetch the configuration from the switch; of course a number of parameters must be changed, such as the address of the collecting TFTP server and the (ultimate) destination file. If that works, the script is easily adaptable to do the reverse. Note that it is not required to upload a complete config to the switch; configuration snippets can be uploaded too, and they will not overwrite the rest of the running configuration.

M.

Original ref: https://www.cisco.com/c/en/us/support/docs/ip/simple-network-management-protocol-snmp/15217-copy-configs-snmp.html

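The ccCopyTable sequence M. refers to, written out as a small driver around net-snmp's snmpset and snmpget. This is an added example and not code from the thread, from Cisco or from the linked gist. It assumes the net-snmp command-line tools are installed, that a TFTP server reachable by the switch holds the configuration snippet, and that the SNMP credentials passed in have write access; the column numbers and enumerations come from CISCO-COPY-CONFIG-MIB as described in the Cisco copy-configs document linked above, and all addresses and credentials are placeholders. It also shows why a plain GET on .1.3.6.1.4.1.9.9.96.1.1.1.1.2.52 answers "No Such Instance": that is ccCopyProtocol of row 52, and a ccCopyEntry row does not exist until it has been created with RowStatus createAndGo.

```python
"""
Merge a configuration snippet into a Cisco IOS running-config over SNMP with
the CISCO-COPY-CONFIG-MIB ccCopyTable, driving net-snmp's snmpset/snmpget.

Sequence (per Cisco doc 15217): create a ccCopyEntry row with the copy
parameters, activate it with RowStatus createAndGo, poll ccCopyState until it
reports successful or failed, then destroy the row.
Addresses and credentials below are placeholders, not values from any device.
"""
import subprocess
import time

# ccCopyEntry in CISCO-COPY-CONFIG-MIB (the .1.3.6.1.4.1.9.9.96.1.1.1.1 prefix quoted in the thread)
CC_COPY_ENTRY = "1.3.6.1.4.1.9.9.96.1.1.1.1"

# Column numbers of the ccCopyEntry objects used here
COLUMNS = {
    "ccCopyProtocol": 2,
    "ccCopySourceFileType": 3,
    "ccCopyDestFileType": 4,
    "ccCopyServerAddress": 5,
    "ccCopyFileName": 6,
    "ccCopyState": 10,
    "ccCopyFailCause": 13,
    "ccCopyEntryRowStatus": 14,
}
PROTOCOL_TFTP = 1
FILE_TYPE = {"networkFile": 1, "iosFile": 2, "startupConfig": 3,
             "runningConfig": 4, "terminal": 5}
ROW_CREATE_AND_GO = 4
ROW_DESTROY = 6
COPY_STATE = {1: "waiting", 2: "running", 3: "successful", 4: "failed"}


def column_oid(name, row):
    """Instance OID of one ccCopyEntry column for the chosen row index."""
    return f"{CC_COPY_ENTRY}.{COLUMNS[name]}.{row}"


def build_varbinds(row, tftp_server, filename, source="networkFile", dest="runningConfig"):
    """(oid, net-snmp type letter, value) triples that create and activate the row in one set.
    networkFile -> runningConfig merges the snippet; it does not replace the running config."""
    return [
        (column_oid("ccCopyProtocol", row), "i", str(PROTOCOL_TFTP)),
        (column_oid("ccCopySourceFileType", row), "i", str(FILE_TYPE[source])),
        (column_oid("ccCopyDestFileType", row), "i", str(FILE_TYPE[dest])),
        (column_oid("ccCopyServerAddress", row), "a", tftp_server),
        (column_oid("ccCopyFileName", row), "s", filename),
        (column_oid("ccCopyEntryRowStatus", row), "i", str(ROW_CREATE_AND_GO)),
    ]


def snmpset_command(agent, auth_args, varbinds):
    """Assemble argv: snmpset <auth args> <agent> oid type value [oid type value ...]."""
    cmd = ["snmpset", *auth_args, agent]
    for oid, typ, value in varbinds:
        cmd += [oid, typ, value]
    return cmd


def parse_integer(snmpget_output):
    """Extract the value from a snmpget line such as
    'SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.10.52 = INTEGER: 3'."""
    if "No Such Instance" in snmpget_output:
        # Reading a ccCopyEntry column before the row exists yields noSuchInstance;
        # the row is only instantiated by the RowStatus createAndGo set.
        raise LookupError("ccCopyEntry row does not exist yet")
    return int(snmpget_output.strip().rsplit(":", 1)[1])


def merge_config_snippet(agent, auth_args, tftp_server, filename, row=52,
                         timeout=60, poll=2.0, run=subprocess.run):
    """Run the full ccCopyTable sequence; returns 'successful', 'failed' or 'timeout'.
    `run` is injectable so the control flow can be exercised without a device."""
    run(snmpset_command(agent, auth_args, build_varbinds(row, tftp_server, filename)),
        check=True)
    state_oid = column_oid("ccCopyState", row)
    deadline = time.monotonic() + timeout
    try:
        while time.monotonic() < deadline:
            out = run(["snmpget", *auth_args, agent, state_oid],
                      check=True, capture_output=True, text=True).stdout
            state = COPY_STATE.get(parse_integer(out), "unknown")
            if state in ("successful", "failed"):
                return state
            time.sleep(poll)
        return "timeout"
    finally:
        # Always destroy the row, otherwise the index stays occupied on the device.
        destroy = [(column_oid("ccCopyEntryRowStatus", row), "i", str(ROW_DESTROY))]
        run(snmpset_command(agent, auth_args, destroy), check=True)


if __name__ == "__main__":
    # Placeholder SNMPv3 authPriv credentials; SNMPv2c write communities travel in cleartext.
    AUTH = ["-v3", "-l", "authPriv", "-u", "SNMPUSER", "-a", "SHA", "-A", "AUTHPASS",
            "-x", "AES", "-X", "PRIVPASS"]
    print(merge_config_snippet("192.0.2.10", AUTH, "192.0.2.50", "snippet.cfg"))
```

Two things worth noting from a security standpoint: TFTP carries the snippet unencrypted, and whichever SNMP principal can write ccCopyTable can change the device configuration, so that write access belongs behind SNMPv3 authPriv and an ACL limited to the management host, and the snippet should be removed from the TFTP server once the copy reports successful.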