To set up secure communications with a peer router, we must first generate our public and private keys. To do so, we use the crypto command from the global configuration mode of the router. The "key name" portion of the command is defined by the administrator.

Once our keys are generated, it is necessary to save them to NVRAM with the copy command. The keys will be stored in a private, tamperproof portion of the ESA.