generating rsa keys

From: Ajay mehra (ajaymehra01@gmail.com)
Date: Fri Sep 19 2008 - 08:46:24 ART

• Next message: Huan Pham: "When IE releases the rest of WB1 V5"
• Previous message: ricky ong: "RE: iewb lab 12 Q6.3 anycast rp"
• Next in thread: Ajay mehra: "Re: generating rsa keys"
• Maybe reply: Ajay mehra: "Re: generating rsa keys"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Guys,

A small doubt , please help me to get rid of it.

Following command generates two keys and both of them are not exportable.
While I was going through IE AT class as per them same command generates one
key pair out of which one is exportable and one is not exportable.
Rack1R3(config)#crypto key generate rsa

The name for the keys will be: Rack1R3.cisco.com
Choose the size of the key modulus in the range of 360 to 2048 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.
How many bits in the modulus [512]:
% Generating 512 bit RSA keys, keys will be non-exportable...[OK]

Rack1R3#sh crypto key mypubkey rsa
% Key pair was generated at: 16:57:13 UTC Sep 19 2008
Key name: Rack1R3.cisco.com
 Usage: General Purpose Key
**************** Key is not exportable.**************
 Key Data:
  305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00B01C83 F2341517
  4D0475D4 CDBD41FF 82DDAEA7 FAEC1982 4A2308AF 4ECE5174 CEFC9684 5587E321
  4F741C37 9E274CB1 7ACE22BC 17E43C05 A99B726B B5B18DD8 E3020301 0001
% Key pair was generated at: 16:57:15 UTC Sep 19 2008
Key name: Rack1R3.cisco.com.server
 Usage: Encryption Key
***** Key is not exportable.***************
 Key Data:
  307C300D 06092A86 4886F70D 01010105 00036B00 30680261 00D3FECC 493B056D
  98717717 03329758 ADB2C6A4 A65A3567 303474DF 593EE22A 723C8C50 3CE052BC
  3589256B 313553CF 5921D8BF CBB93581 463E63EE 1F454105 4D487086 39729E46
  760A46EE 1322F68A 3BE44B2D E7AB6DA1 974C6C17 F13A7B4D 01020301 0001

Why is there difference? Should not the encryption key been exportable as a
result of this command? If I use th ekeyword exportable while generating
keys then general purpose keys become exportable and encryption key "non
exportable"..which is opposite of the expected output.
I am using

Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version
12.4(11.6), INTERIM SOFTWARE
Please advice.

Thanks
Ajay.

Blogs and organic groups at http://www.ccie.net

• Next message: Huan Pham: "When IE releases the rest of WB1 V5"
• Previous message: ricky ong: "RE: iewb lab 12 Q6.3 anycast rp"
• Next in thread: Ajay mehra: "Re: generating rsa keys"
• Maybe reply: Ajay mehra: "Re: generating rsa keys"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Oct 04 2008 - 09:26:18 ART