2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa'

Information

Use this command to generate RSA key pairs for your Cisco device. RSA keys are generated in pairs--one public RSA key and one private RSA key.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

NOTE: If performing an offline config audit this check may not show results.

Solution

Generate an RSA key pair for the router.
hostname(config)#crypto key generate rsa general-keys modulus 2048

See Also

https://workbench.cisecurity.org/files/508

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-2(1)

Plugin: Cisco

Control ID: 9a1390ef96189ab865b7feb08a097c60c19df3af8c27009d7cd842cbee251d1f