Solved: Generating SSH RSA on a Router with IPSec

xZamalek · ‎03-21-2021

Hello Dears,

We had an access issue to a specific router when i consoled to it i found.

1-The SSH was disabled automatically

2-There is an IPSec tunnel created to a remote router.

-What might causes the SSH to suddenly become disabled?

-if i generate new RSA for ssh , will it affect the ipsec tunnel keys causing the tunnel to tear down or they are both irrelevant to each other?

Georg Pauwen · ‎03-22-2021

Hello,

just to confirm what Richard said: I lab tested what happens when an RSA crypto key is generated and zeroized, it indeed does not affect existing VPN tunnels or connections.

View solution in original post

Richard Burts · ‎03-21-2021

We do not know which model of router this is, or the details of its configuration, and we do not know the details of how you determine that ssh was disabled automatically. So it is difficult to provide specific answers for your issue. I can say that in general the key generated for SSH is independent of any key used for ipsec.

HTH

Rick

xZamalek · ‎03-22-2021

Thank you.

Georg Pauwen · ‎03-22-2021

Hello,

just to confirm what Richard said: I lab tested what happens when an RSA crypto key is generated and zeroized, it indeed does not affect existing VPN tunnels or connections.

Richard Burts · ‎03-22-2021

@Georg Pauwen +5 and thanks for testing and confirming my explanation that RSA key is independent of keys used for ipsec.

HTH

Rick

Georg Pauwen · ‎03-23-2021

@xZamalek

@Richard Burts

Since both SSH and IPSec are somehow part of the cryptographic system, I thought I might as well check if they are not interrelated. Apparently they are not...which is good to know.

xZamalek · ‎03-22-2021

Thanks a lot for testing and confirming , i really appreciate your support.