Generating an RSA Key Pair
The abutting footfall is the conception of an RSA key pair.This is accomplished by application the
following command:
ca accomplish rsa key
This command armament the PIX to accomplish a public/private RSA key brace and
store it in beam memory.The backbone of the generated keys is defined application the
key_modulus_size parameter.The absence amount is 768 bits, which rather secure, but
you can use 1024 or 2048 $.25 if you like. Be abiding that you accept accurately configured
host and area names for the PIX afore you accomplish the keys. For
example:
PIX1(config)# ca accomplish rsa key 1024
Key name:PIX1.securecorp.com
Usage:General Purpose Key
Key Data:
30819f30 0d06092a 864886f7 0d010101 05000381 8d003081 89028181 00c8ed4c
9f5e0b52 aea931df 04db2872 5c4c0afd 9bd0920b 5e30de82 63d834ac f2e1db1f
1047481a 17be5a01 851835f6 18af8e22 45304d53 12584b9c 2f48fad5 31e1be5a
bb2ddc46 2841b63b f92cb3f9 8de7cb01 d7ea4057 7bb44b4c a64a9cf0 efaacd42
e291e4ea 67efbf6c 90348b75 320d7fd3 c573037a ddb2dde8 00df782c 39020301
0001
www.syngress.com
Configuring Virtual Clandestine Networking • Chapter 7 357
Generated keys are stored in beam memory.The accessible key can be beheld by
issuing the command:
show ca mypubkey rsa key
For example:
PIX1(config)# appearance ca mypubkey rsa
% Key brace was generated at: 09:45:23 Sep 11 2002
Key name:PIX1.securecorp.com
Usage:General Purpose Key
Key Data:
30819f30 0d06092a 864886f7 0d010101 05000381 8d003081 89028181 00c8ed4c
9f5e0b52 aea931df 04db2872 5c4c0afd 9bd0920b 5e30de82 63d834ac f2e1db1f
1047481a 17be5a01 851835f6 18af8e22 45304d53 12584b9c 2f48fad5 31e1be5a
bb2ddc46 2841b63b f92cb3f9 8de7cb01 d7ea4057 7bb44b4c a64a9cf0 efaacd42
e291e4ea 67efbf6c 90348b75 320d7fd3 c573037a ddb2dde8 00df782c 39020301
0001
The clandestine key cannot be viewed.