How to export ssh keys in Cisco IOS

    Before you can export an ssh key in IOS or IOS-XE, you have to create the key and ensure that it's exportable. In the example below, note the keyword "exportable."

    # crypto key generate rsa general-keys label ssh_key exportable modulus 2048


    Once the exportable key has been created, it can be exported. In the example below, it will be exported in PEM format and copied to a TFTP server into files called and my-router-ssh-key.pem.prv, where the "pub" for public key and the "prv" for private key are automatically appended. The password is "Cisco123."

    # crypto key export rsa ssh_key pem url tftp:// 3des Cisco123


    Finally, to import the key into another IOS/IOS-XE device, you can use the following command. Again, the .pub and .prv extensions are automatically appended during the import, just hit ENTER when prompted.

    crypto key import rsa ssh_key general-purpose pem url tftp:// Cisco123



    No questions yet.