DGS-6604
m
crypto key
CLI Reference Guide
136
crypto key
To generate and configure an RSA or DSA key pair, use the
crypto
key
command.
crypto key {rsa|dsa}
NBITS
[force]
Default
None
Command Mode
Privileged EXEC
Usage Guideline
To support SSH login, an RSA or DSA key pair must first be generated. This
command can generate either an RSA or DSA key to provide greater security
when logging into the server using SSH. The NBITS value is required to specify
the size of the key pair.
Example
This example shows how to create an RSA key, 1024 bits:
Syntax Description
rsa
Configure an RSA key pair.
dsa
Configure a DSA key pair.
NBITS
Specifies the size of the key pair(s): For RSA the valid values are 512, 768,
1024, and 2048. For DSA the valid values are 512, 768, and 1024. For SSH
version 2, the minimum recommended key size is 768 bits. A key size with a
larger number provides higher security but takes longer to generate.
force
(Optional) Regenerates the keys and suppresses the warning prompt for
overwriting existing keys.
Switch# crypto key rsa 1024
Generating RSA keys.... [OK]
Switch#