0 Replies Latest reply on May 4, 2017 11:20 PM by snzvosluffy

    NCM Crypto Key RSA Connectivity Issue


      We can manage cisco devices using crypto key modulus 2048 without issues. However, after increasing the setting from 2048 to 4096 (Security recommendations); we can no longer connect to our devices.


      Anyone encountered this kind of issue? I tried raising it to support but was not able to get good information. Anyone tried managing their cisco devices using crypto key 4096?


      By default, the modulus of a certification authority (CA) key is 1024 bits. The recommended modulus for a CA key is 2048 bits. The range of a CA key modulus is from 350 to 4096 bits.


      Effective with Cisco IOS XE Release 2.4 and Cisco IOS Release 15.1(1)T, the maximum key size was expanded to 4096 bits for private key operations. The maximum for private key operations prior to these releases was 2048 bits.