566 CHAPTER 15: CRYPTOGRAPHY COMMANDS
History —Introduced in MSS Version 3.0. Webaaa option renamed to
web in MSS Version 4.1.
Usage — You can overwrite a key by generating another key of the same
type.
SSH requires an SSH authentication key, but you can allow MSS to
generate it automatically. The first time an SSH client attempts to access
the SSH server on a WX switch, the switch automatically generates a
1024-byte SSH key. If you want to use a 2048-byte key instead, use the
crypto generate key ssh 2048 command to generate one.
Examples — To generate an administrative key for use with 3WXM, type
the following command:
WX4400# crypto generate key admin 1024
key pair generated
See Also
display crypto key ssh on page 576
crypto generate
request
Generates a Certificate Signing Request (CSR). This command outputs a
PEM-formatted PKCS #10 text string that you can cut and paste to
another location for delivery to a certificate authority.
This command generates either an administrative CSR for use with
3WXM and Web View, or an EAP CSR for use with 802.1X clients.
Syntax —
crypto generate request {admin | eap | web}
admin — Generates a request for an administrative certificate to
authenticate the WX switch to 3WXM or Web Manager.
eap — Generates a request for an EAP certificate to authenticate the
WX switch to 802.1X supplicants (clients).
web — Generates a request for a WebAAA certificate to authenticate
the WX switch to WebAAA clients.
After you type the command, you are prompted for the following
variables:
Country Name string — (Optional) Specify the abbreviation for the
country in which the WX switch is operating, in 2 alphanumeric
characters with no spaces.