Generating and deleting an RSA key pair

To generate an RSA key pair, enter a command such as the following: 

device(config)#crypto key generate rsa modulus 2048

To delete the RSA host key pair, enter the following command. 

device(config)#crypto key zeroize rsa

Syntax: crypto key { generate | zeroize } rsa [ modulus modulus-size ]

The generate keyword places an RSA host key pair in the flash memory and enables SSH on the device, if it is not already enabled.

The optional [modulus modulus-size ] parameter specifies the modulus size of the RSA key pair, in bits. The valid values for modulus-size are 1024 or 2048. The default value is 1024.

The zeroize keyword deletes the RSA host key pair from the flash memory. This disables SSH if no other authentication keys exist on the device.

The rsa keyword specifies an RSA host key pair.

Parent topic: Enabling and disabling SSH by generating and deleting host keys