![]() In Cisco IOS XE Release Bengaluru 17.6.1 and later, configuration of RSA keys less than 2048 bits for SSH generates a warning about a RSA key size compliance violation, but it does not impact SSH operations to the device. This results in loss of remote access to the device through SSH. Without such a configuration change, SSH service on the device is disabled and SSH sessions to the device will fail. In order to continue to use RSA keys less than 2048 bits for SSH, explicit configuration is required. Cisco recommends to use stronger RSA keys that are at least 2048 bits. In Cisco IOS XE Release 17.11.1 and later, RSA keys less than 2048 bits are denied for use with SSH by default due to its weak cryptographic properties. ![]() In releases earlier than Cisco IOS XE Release 17.11.1, RSA keys less than 2048 bits can be used for the SSH server on the device. Device should not allow RSA keys less than 2048 bits in strength for SSH ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |