Using the following EEM script to generate an RSA key on bootup of an IOS image in VIRL
event manager session cli username "cisco"
event manager applet EEM_SSH_Keygen authorization bypass
event syslog pattern "SYS-5-RESTART"
action 0.0 info type routername
action 0.1 set status "none"
action 1.0 cli command "enable"
action 2.0 cli command "show ip ssh | include ^SSH"
action 2.1 regexp "([ED][^ ]+)" "$_cli_result" result status
action 2.2 syslog priority informational msg "SSH is currently $status"
action 3.0 if $status eq "Disabled"
action 3.1 cli command "configure terminal"
action 3.2 cli command "crypto key generate rsa gen modulus 1024"
action 3.3 cli command "end"
action 3.4 cli command "write mem"
action 3.5 syslog priority informational msg "SSH keys generated by EEM."
action 4.0 end
Want to know something similar for XR. XR does not support EEM applets, therefore the only way of achieving this is through TCL.
This would be really useful as Keys cannot be saved on reboot (no NVRAM in VIRL).
it is possible using EEM Applet for generating RSA and Work is underway to bring EEM cross-platform in a consistent way.
You can use the converter tool at http://www.marcuscom.com/convert_applet to convert an EEM applet to a corresponding Tcl policy. The resulting policy should work on XR.
Please Refer this url for more info - https://supportforums.cisco.com/discussion/12709366/eem-tcl-script-ios-xr