RSA key doesnt survive power outage

[Arisap]

I have a PIX 501 running 6.22 code. I do a "ca generate rsa key 1024" and it creates a key. I do "wr mem" a "sh ca mypubkey rsa" returns the public key. I then power off the PIX and the key is gone. I wonder if this is normal behavior. It is a problem because I sent a PIX to a remote location and only enabled SSH on the outside interface and now I cannot reach the pix to make changes. The next PIX will allow telnet from the inside as a backup Just wondering if anyone has seen this behavior.

 

[davarg]

Did you try the command ... ca save all ...after generating your key?

 

[Arisap]

no I hadn't. But that would probably do it.

Thanks!!

 

[azstyx]

davarg is quite correct, the wr mem will NOT save the rsa key. The only command that will save your rsa key is: ca save all

depending upon the cipher length, it may take a minute or two. I see you are using 1024 so give it a couple of minutes and do't be surprised if the command doesn't seem to be working immediaely, just let it do it's thing.
K

 

[davarg]

Extra info:

when you use the ca save all command your storing RSA keys and certificate information on the flash memory. So when you reboot or power down, the information is still there.

 

[Arisap]

I did the ca save all and now my keys are saved after a power outage. Thanks davarg for the help. This is what I love about these forums!!!