1 Rookie
•
9 Posts
0
1324
April 25th, 2022 10:00
Error. Failed to generate DSA key
Hi,
I have two N3048P switches in a stack running version 6.5.4.18 and I am trying to get ssh configured. Telnet is enabled so I can access it remotely currently, but would like to use ssh. What I did:
1. Enter into configuration mode: (conf t)
2. no ip ssh server
3. crypto key zeroize dsa
4. crypto key zeroize rsa
5. crypto key zeroize pubkey-chain ssh
6. crypto key generate dsa
... I get an error showing "Error: Failed to generate DSA key."
When trying it with RSA first, I get a similar error: "Error. Failed to generate RSA key."
Any reason why this is the case?
No Events found!
DELL-Chris H
Moderator
•
9.5K Posts
1
April 27th, 2022 12:00
Rocknwatch,
I haven't heard of this happening specifically. What I suggest is that if you have any downtime, would you try breaking the stack to then change the setting on the master, and then stack it again and see if it successful. If so the issue may be performing within the stack.
Let me know.
DELL-Young E
Moderator
•
5.2K Posts
0
April 25th, 2022 22:00
Hi, thanks for choosing Dell. There is a procedure to enable SSH session in N-Series switch. Please see the attached screenshot. That is the command sets for creating SSH server.
https://dell.to/3MzFke1
And your configuration is wrong.
https://dell.to/3MmdYrE
1 Attachment
732d4cf6-b401-4f09-9da7-43d2757e3e66-745257247.png
rocknwatch
1 Rookie
•
9 Posts
0
April 26th, 2022 09:00
The link you provided is the one I was following to set things up. My configuration is not wrong as it works just fine on two other N3048P switches. For some reason, I get the error stating this particular switch stack fails to generate a dsa key and an rsa key.
If you have any other relevant solutions, I would be happy to try them. Thanks.
DELL-Chris H
Moderator
•
9.5K Posts
0
April 26th, 2022 13:00
Rocknwatch,
So just to clarify, the two switches in this specific stack are getting the error, but two other switches in a different stack do not give the error?
Are the two other switches different in model, firmware, OS, or anything else that you notice?
Let us know.
rocknwatch
1 Rookie
•
9 Posts
0
April 27th, 2022 09:00
Hi Chris,
Thanks for the reply. The switches in the stack report an error generating rsa and dsa keys. The two other switches are N3048P switches with the same firmware, but are not stacked and do generate keys just fine and ssh is configured and working on them. I tediously compared running configs on them to see what is different and can't seem to find any relevant differences (e.g. ip addresses, vlan access on ports, etc.)
Thanks!
rocknwatch
1 Rookie
•
9 Posts
0
April 27th, 2022 12:00
Hey Chris,
Thanks for the tip. I'll try that when I get back to that location early next week and let you know how it behaves.
Thanks!
rocknwatch
1 Rookie
•
9 Posts
0
May 2nd, 2022 13:00
Hey Chris,
I was able to generate keys and configure the ssh server on the switches after breaking the stack. Thanks a ton for the help!
Pete