Field Notice: FN - 72511 - RSA Keys Less Than 2048 Bits Are Not Supported for SSH in Cisco IOS XE Release 17.11.1 and Later - Workaround Provided

Available Languages

Updated:May 16, 2023

Document ID:FN72511

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Notice

THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.

Revision History

Revision	Publish Date	Comments
1.0	09-May-23	Initial Release

Products Affected

Affected OS Type	Affected Software Product	Affected Release	Affected Release Number	Comments
NON-IOS	IOSXE	17	17.11.1, 17.11.1a

Defect Information

Defect ID	Headline
CSCwc72599	Device should not allow RSA keys less than 2048 bits in strength for SSH

Problem Description

In releases earlier than Cisco IOS XE Release 17.11.1, RSA keys less than 2048 bits can be used for the SSH server on the device.

In Cisco IOS XE Release 17.11.1 and later, RSA keys less than 2048 bits are denied for use with SSH by default due to its weak cryptographic properties. Cisco recommends to use stronger RSA keys that are at least 2048 bits. In order to continue to use RSA keys less than 2048 bits for SSH, explicit configuration is required. Without such a configuration change, SSH service on the device is disabled and SSH sessions to the device will fail. This results in loss of remote access to the device through SSH.

Background

In Cisco IOS XE Release Bengaluru 17.6.1 and later, configuration of RSA keys less than 2048 bits for SSH generates a warning about a RSA key size compliance violation, but it does not impact SSH operations to the device. This warning message is displayed when a weak RSA key pair is used for SSH.

%SSH-5-SSH_COMPLIANCE_VIOLATION_RSA_KEY_SIZE: SSH RSA Key Size compliance violation detected. Kindly note that the usage of keys smaller than 2048 bits will be deprecated in the upcoming releases. Please revise your key configuration accordingly to avoid service impact.

In Cisco IOS XE Release 17.11.1 and later, RSA keys less than 2048 bits are denied by default and require explicit configuration to be allowed.

Problem Symptom

If the RSA key pair is not updated to be at least 2048 bits for SSH, or if the configuration is not explicitly enabled to allow weak cryptographic algorithms prior to the Cisco IOS XE Release 17.11.1 upgrade, then the SSH server will be disabled upon an upgrade to Cisco IOS XE Release 17.11.1. This results in failure of the remote SSH sessions to the device.

Workaround/Solution

The solution is to update the RSA key pair used with SSH to at least 2048 bits.

Prior to an upgrade to Cisco IOS XE Release 17.11.1 or later, enter this command in order to identify the RSA key modulus size.

Device#show ip ssh | include Modulus

Modulus Size : 1024 bit

In order to update the RSA key pair, complete these steps:

Enter this command in order to generate a new RSA key pair that is at least 2048 bits in strength.

Device#config terminal

Enter configuration commands, one per line.  End with CNTL/Z.

csr1(config)#crypto key generate rsa modulus 2048 label strong-ssh-key

The name for the keys will be: strong-ssh-key


% The key modulus size is 2048 bits

% Generating 2048 bit RSA keys, keys will be non-exportable...

[OK] (elapsed time was 0 seconds)

Enter this command in order to associate the newly generated RSA key pair with SSH.
```
Device(config)#ip ssh rsa keypair-name strong-ssh-key
```

If it is not possible to update the RSA key pair, then this configuration command is required for SSH to continue to use the weak RSA key pair upon an upgrade to Cisco IOS XE Release 17.11.1.

Device(config)#crypto engine compliance shield disable

Note: This command is only available in Cisco IOS XE Release 17.7.1 and later, and will only take effect after a reboot.

Cisco does NOT recommend this option as these weak cryptographic algorithms are insecure and do not provide adequate protection from modern threats and should only be used as a last resort.

For More Information

If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:

Receive Email Notification For New Field Notices

My Notifications—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)