Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1012
Views
0
Helpful
1
Replies

RSA Crypto Key pairs

Pradeep H A
Level 1
Level 1

‎11-01-2012 02:09 PM

Hi,

I found this on our router:

Router#show crypto key mypubkey rsa

% Key pair was generated at: 13:52:01 GMT Oct 9 2010

Key name: Router

Storage Device: private-config

Usage: General Purpose Key

Key is not exportable.

Key Data:

<blah blah>

% Key pair was generated at: 17:50:29 GMT Nov 1 2012

Key name: Router.server

Temporary key

Usage: Encryption Key

Key is not exportable.

Key Data:

<blah blah>

% Key pair was generated at: 17:54:08 GMT Nov 1 2012

Key name: Router

Storage Device: not specified

Usage: General Purpose Key

Key is not exportable.

Key Data:

<blah blah>

My question:

1. I found no statement in configuration that explicitly configures the router for using RSA. any specific reason why Cisco router uses RSA keys & not DH keys by default? can I configure it to use DH keys?

2. When I enter crypto key generate rsa command it generates 2 pairs of keys! Why 2 pairs? isnt 1 pair enough?

3. If I enter crypto key generate rsa command again 1 more pair will be generated. Which one the router will use for SSH?

Labels:
0 Helpful
1 Reply 1

Pradeep H A
Level 1
Level 1

‎11-11-2012 03:13 AM

Why No reply from anyone?

0 Helpful
Customers Also Viewed These Support Documents